Hello Creighton, Wednesday, February 19, 2003, 3:41:24 AM CET, you wrote:
cs> Next, I have a small setup, only one server and one node so far, cs> however this is a proof-of-concept attempt for my local office. The cs> powers that be are afraid to abandon M$ on the workstaions so I have been cs> trying to setup this k12ltsp (RedHat 7.3) server as an internet gateway cs> for the windoze machines. My test machine is a win95 that reads the net cs> card, asks for and gets a number from the dhcpd, but cannot read the cs> 'network neiborhood' nor can I login to the server by telnet. This same cs> machine boots with an etherboot boot disk fine. The fact that it cannot read the network neighbourhood can be due to your not having configured samba properly. No matter sofar. If you cannot telnet to it, that could be caused by security settings; I know that Debian 3.0 usually doesn't activate telnet but only the encrypted version, ssh. Can you ping the linux box? (Does the IP-address given by win95: winipcfg) for the dhcp server match what you configured? On the linux box, you need masquerading and a GOOD firewall for what you plan, for a start these rules should suffice (FOR A START!!!) echo "1" >/proc/sys/net/ipv4/ip_forward to turn on forwarding iptables -t nat -A FORWARD -i eth0 -o ppp0 -j MASQUERADE iptables -A INPUT -i ppp0 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j DROP (from memory, countercheck with iptables man-page) This is not a tight firewall, but just a quickstart, assuming you connect to the internet via ppp0 interface and localnet is eth0. At least better than nothing, no idea, what redhat has for default. In general, the recommendation to have a second PC as internet-gateway/firewall is pretty reasonable for me, but it is not always possible to spare a machine for that. You could look out, e.g. at etherboot.org Links or so I saw a netbootable firewall-Linux (a machine gets Linux from the net, readonly, and from then on is a firewall: Even if cracked, no data can be destroyed on that particular PC...) cs> Can someone point me in the direction of some docs that might give me some cs> direction, please? For this network/internet-relay stuff, you could look for a FAQ on www.tldp.org (The Linux Documentation Project), I seem to remember there was one with MASQUERADING in its name, in the networking section. cs> Also, is there anyone here who has a ltsp setup cs> running well in the Greater Cincinnati area, such as a school? Sorry, Greater Cologne area better fits the place I'm working at :-) Best regards, Anselm mailto:[EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature