Sonixxfx wrote:
Hi, I have a linux box connected directly to the internet that has two lan cards installed on it. I would like to connect two other computers to those cards so that they can make use of the internet connection. Can someone tell me how I should configure those cards to achive this? I actually already have a setup that makes it possible for one pc to connect to the internet using one of those cards, but I do not no how to configure the other. I have been thinking about a different subnet and bridging but I didn't really came further than that. Thanks for your help, Ben
This is just an overview. For details see the Debian docs, including the various included Howtos. If you get stuck on any particular detail, then post a question about that (*after* searching the debian-user archives):
-First off, if you have non-PCI NICs you may want to take a look at Donald Becker's Multi-ethernet Howto.
-You have to include a number of gateway-related drivers in your kernel - too many to list here. (If in doubt, just toss them all in to begin with :-)
-You have to set up /etc/network/interfaces. E.g. maybe similar to my example here, which uses eth2 for my DSL internet connection:
-----------------
# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/netbase/examples for more information.
#
auto lo eth0 eth1 ppp0
iface lo inet loopback
iface eth0 inet static
address 10.0.0.254
netmask 255.255.255.0
broadcast 10.0.0.255
iface eth1 inet static
address 10.0.1.254
netmask 255.255.255.0
broadcast 10.0.1.254
iface ppp0 inet ppp
pre-up ip link set eth2 up
provider dsl-provider eth2
--------------
-You may want DHCP and/or nameserver functionality. I use a package called
dnsmasq that provides both.
-You have to turn on NAT or IP masquerade (through the /proc interface), and configure your firewall. For these, everyone has their own favorite user apps, or custom scripts. I use Guidedog/Guarddog, respectively.
You may luck out, or just be a wizard, but I had to briefly turn off my gateway firewall for testing. It was not too risky because the gateway was dedicated and stripped down, and I watched the connection closely during the tests.
To minimize risk to the client machines during the test, I set up software firewalls, which is probably a good idea anyway. Once I had I tested internet access and name resolution using ping, I turned on and testing the gateway's firewall configuration.
There's probably a Howto somewhere on all of this, or at least there should be.