Re: A gateway solution ?
Neil:
I think your original question boils down to: "How do I get this
machine to act like a gateway?" Briefly, the answer is:
1. Compile the kernel with IP forwarding and IP masquerading
enabled.
2. Use ipchains to do firewalling.
3. Use ipmasqadm to do network address translation.
So: a client wants to access mail.alfa.org to read mail. It performs a
DNS lookup on the name and gets the address. It determines from
its routing table that it must go through your gateway to get to that
address. The gateway reads the source address in the packets it
receives and, according to rules you specify with ipmasqadm, re-
places the address with it's own. The mail server (mail.alfa.org)
sends all responses to the gateway, who forwards those responses
to the client. The mail server never realizes that it's really talking
to a machine behind the gateway-- and it really doesn't care.
For more information, read the Networking HOWTO at
http://www.linux.doc.org/. The Kernel HOWTO at that site
might also help.
Marc
----------
Marc Mongeon <mongeon@bankoe.com>
Unix Specialist
Ban-Koe Systems
9100 W Bloomington Fwy
Bloomington, MN 55431-2200
(612)888-0123, x417 | FAX: (612)888-3344
----------
"It's such a fine line between clever and stupid."
-- David St. Hubbins and Nigel Tufnel of "Spinal Tap"
>>> "Neil D. Roberts" <koala@lander.es> 11/30 9:52 AM >>>
Thanks for the info, ok, to cut things short, they can all install on
"ne" (Compatible NE2000 Ethernet Card). I think that is what you meant
by modules.
Russell Coker wrote:
> Why have 500M of swap? As your machine only has 32M of RAM it will be almost
> unusable if it ever uses more than 64M of swap.
Ok, I have re-partitioned the hard drive to the following :
hda1 is "/" (400Mb)
hda2 is /var (150Mb)
hda3 is swap (100Mb)
>
> Why have 500M of swap? As your machine only has 32M of RAM it will be almost
> unusable if it ever uses more than 64M of swap.
> Firstly you need the modules loaded. As you didn't bother telling us the
> type of network card that can't be answered.
> The generic answer is to put something in /etc/modules, then add appropriate
> "ifconfig" lines to /etc/init.d/network .
> Then add "echo 1 > /proc/sys/net/ipv4/ip_forward" to /etc/init.d/network .
Thanks for the info, ok, to cut things short, they can all install on
"ne" (Compatible NE2000 Ethernet Card). I think that is what you meant
by modules.
Right now in /etc/modules I have "ne".
And the network file in /etc/init.d is configured for the first
installed ethernet card. What I was trying to ask was how to install the
other two ethernet cards. Here is the table:
eth io irq module ip subnet gateway
----------------------------------------------------------------------
eth0 0x320 09 ne 192.168.1.1 255.255.255.0 None
eth1 0x200 03 ne 195.76.46.62 255.255.255.224 195.76.46.33
eth2 0x280 15 ne 192.168.1.253 255.255.255.0 None
Right now, eth0 is installed, so I have the first network card working
with the configuration shown above. I installed it when installing
debian, on the hardware selection part, but it only lets you install one
card per module.
Thanks
Neil.
--
Unsubscribe? mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
Reply to: