Re: Internet Connection Sharing with Linux (ANSWER)

Tue, 18 Feb 2003 12:17:28 -0800 

On Tue, 2003-02-18 at 10:52, John Nall wrote:
> There is something I can't seem to grasp, and so far I have not found the 
> answer.  I'm trying to ween myself away from Windows and migrate to Linux 
> (for several reasons) but gosh it sure is not easy to do even when one is 
> determined.  How in the world do you accomplish ICS???


Just do the following.

1. Set the your client machines to use the ethernet IP address of your
Linux firewall/gateway as their default gateway.  This can be done
manually on each machine, or you could setup DHCP on your Linux box (see
step 4 below)

2. Configure IP masquerading on your Linux box. You said you were using
a modem. The following commands will be sufficient:

# iptables -F
# iptables -t nat -F
# iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A INPUT -i ppp0 -j DROP
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# service iptables save
# echo "modprobe ip_nat_ftp" >> /etc/rc.local
# perl -e 's/forward = 0/forward = 1/' -pi /etc/sysctl.conf
# echo 1 > /proc/sys/net/ipv4/ip_forward

3. Optionally, setup a caching DNS server on your box for your clients
to use.

Install RPM package: bind and caching-name server, then run:

# chkconfig named on
# service named on

4. Optionally, setup a DHCP server. Let's assume that you are using
192.168.69.0/255.255.255.0 as your internal network. Let's assume that
your Linux box's ethernet address is 192.168.69.1.

Install the RPM package: dhcp

Create the file /etc/dhcpd.conf with the following contents:

ddns-update-sytle none;
subnet 192.168.69.0 netmask 255.255.255.0 {
        option routers 192.168.69.1;
        option subnet-mask 255.255.255.0;
        option domain-name-servers 192.168.69.1;
        range 192.168.69.100 192.168.69.200;
}

Then run start the DHCP server and make sure it will run at boot time:

# service dhcp start
# chkconfig dhcp on

Note: I did all this from memory, so you may want check the dhcpd.conf
syntax against the man page. I think it's right though.

Dax Kelson
Guru Labs



-- 
Psyche-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/psyche-list

Reply via email to