Ofcourse, IF (emphasized) you happen to have a second, old, unused box lying around, use THAT as your Linux firewall. I have been using SmoothWall (www.smoothwall.org) for a long time, and am extremely pleased.
> Sonixxfx wrote: > > Hi, > > > > I have a linux box connected directly to the internet that has > two lan cards > > installed on it. I would like to connect two other computers to > those cards > > so that they can make use of the internet connection. Can > someone tell me > > how I should configure those cards to achive this? > > I actually already have a setup that makes it possible for one > pc to connect > > to the internet using one of those cards, but I do not no how to > configure> the other. I have been thinking about a different > subnet and bridging but I > > didn't really came further than that. > > > > Thanks for your help, > > > > Ben > > > > (Sorry if this is a dupe - I'm having email problems). > > This is just an overview. For details see the Debian docs, > including the > various included Howtos. If you get stuck on any particular > detail, then post a > question about that (*after* searching the debian-user archives): > > -First off, if you have non-PCI NICs you may want to take a look > at Donald > Becker's Multi-ethernet Howto. > > -You have to include a number of gateway-related drivers in your > kernel - too > many to list here. (If in doubt, just toss them all in to begin > with :-) > > -You have to set up /etc/network/interfaces. E.g. maybe similar > to my example > here, which uses eth2 for my DSL internet connection: > > ----------------- > # Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or > # /usr/share/doc/netbase/examples for more information. > # > auto lo eth0 eth1 ppp0 > iface lo inet loopback > > > iface eth0 inet static > address 10.0.0.254 > netmask 255.255.255.0 > broadcast 10.0.0.255 > > iface eth1 inet static > address 10.0.1.254 > netmask 255.255.255.0 > broadcast 10.0.1.254 > > iface ppp0 inet ppp > pre-up ip link set eth2 up > provider dsl-provider eth2 > -------------- > > -You may want DHCP and/or nameserver functionality. I use a > package called > dnsmasq that provides both. > > -You have to turn on NAT or IP masquerade (through the /proc > interface), and > configure your firewall. For these, everyone has their own > favorite user apps, > or custom scripts. I use Guidedog/Guarddog, respectively. > > You may luck out, or just be a wizard, but I had to briefly turn > off my gateway > firewall for testing. It was not too risky because the gateway > was dedicated > and stripped down, and I watched the connection closely during the > tests. > To minimize risk to the client machines during the test, I set up > softwarefirewalls, which is probably a good idea anyway. Once I > had I tested internet > access and name resolution using ping, I turned on and testing the > gateway'sfirewall configuration. > > There's probably a Howto somewhere on all of this, or at least > there should be. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]