On Tue, 20 Feb 2001, Peter Peltonen wrote:

>
> Hi,
>
> I'm building a home network for a friend and was wondering if the following
> setup would be possible:
>
>
> Internet
>    |
>    |
>   eth0
>  LINUX eth1 -- WIN1
>   eth2
>    |
>    |
>   WIN2
>
>
> So I would connect the Windoze machines directly to the Linux box. And they
> all would be in the same network:
>
> Linux eth1: 192.168.1.1/24
> Linux eth2: 192.168.1.2/24
> WIN1:       192.168.1.3/24
> WIN2:       192.168.1.4/24
>
Do not define networks for eth1, eth2, WIN1 or WIN2.  You can define a
network for 192.168.1.0, but you don't really have to.
>
> My routing table would look like this:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
> 192.168.1.2     0.0.0.0         255.255.255.255 UH    0      0        0 eth2
> 192.168.1.3     192.168.1.1     255.255.255.255 UG    0      0        0 eth1
> 192.168.1.4     192.168.1.2     255.255.255.255 UG    0      0        0 eth2
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         inet-gw         0.0.0.0         UG    0      0        0 eth0
>
>
> Would it work?
>
Your routes to WIN1 and WIN2 don't need a gateway.  If you were setting
it up manually, you would use "route add 192.168.1.3 eth1" and
"route add 192.168.1.4 eth2".
>
> How would I configure my ipchains-firewall in this case? I'd like the traffic
> from 192.168.1.0/24 network to be masqueraded. And nothing would be let in from
> the firewall (except DHCP queries as the Linux box takes its eth0 IP via DHCP).
>
> Or do I have to put Linux's eth1 and eth2 to different networks and setup WINS
> so that the Windoze boxes can see each other?
>
> Regards,
> Peter
>
For rules, try something like:

ipchains -A input  -i eth1 -s 192.168.1.3 -j ACCEPT
ipchains -A output -i eth1 -d 192.168.1.3 -j ACCEPT

ipchains -A input  -i eth2 -s 192.168.1.4 -j ACCEPT
ipchains -A output -i eth2 -d 192.168.1.4 -j ACCEPT

# On the forward chain, -i matches the interface the packet leaves by.
ipchains -A forward -i eth2 -s 192.168.1.3 -d 192.168.1.4 -j ACCEPT
ipchains -A forward -i eth1 -s 192.168.1.4 -d 192.168.1.3 -j ACCEPT

ipchains -A forward -i eth0 -s 192.168.1.0/24 -j MASQ

The rules are off the top of my head, so they may require tweaking.  You
will require more rules for a complete firewall!
Make sure you use crossover cables between the Linux and Windows boxes.

Mikkel
-- 

    Do not meddle in the affairs of dragons,
 for you are crunchy and taste good with ketchup.
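
Added example, not part of the original message: a small Python model of longest-prefix route selection, showing why two identical 192.168.1.0/24 routes cannot steer traffic to the right wire while the gateway-less host routes suggested in the reply can. The `lookup` helper, the table names, the first-listed tie-break and the sample outside address 198.51.100.7 are assumptions made for the illustration.

```python
import ipaddress

def lookup(table, addr):
    """Return (iface, gateway) for addr by longest-prefix match, or None."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in table if ip in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    # max() keeps the first of several equally specific routes; that
    # tie-break is an assumption of this model, not kernel behaviour.
    dest, gateway, iface = max(
        matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    return iface, gateway

# Route format: (destination, gateway, interface).
# A gateway of None means the destination is directly attached.
DEFAULT = ("0.0.0.0/0", "inet-gw", "eth0")  # "inet-gw" as in the quoted table

# Only the two identical subnet routes from the quoted routing table.
SUBNET_ONLY = [
    ("192.168.1.0/24", None, "eth1"),
    ("192.168.1.0/24", None, "eth2"),
    DEFAULT,
]

# Host routes without a gateway, as in "route add 192.168.1.3 eth1".
HOST_ROUTES = [
    ("192.168.1.3/32", None, "eth1"),
    ("192.168.1.4/32", None, "eth2"),
    DEFAULT,
]

if __name__ == "__main__":
    # 198.51.100.7 is a constructed outside address (documentation range).
    for name, table in (("subnet routes only", SUBNET_ONLY),
                        ("host routes", HOST_ROUTES)):
        for dst in ("192.168.1.3", "192.168.1.4", "198.51.100.7"):
            print(f"{name:20} {dst:14} -> {lookup(table, dst)}")
```

With host routes only, any other 192.168.1.x address falls through to the default route on eth0, which is one reason to keep the forward rules restricted to the two known hosts.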


