Re: How should I configure my two lancards on my Debian system?
Ofcourse, IF (emphasized) you happen to have a second, old, unused box lying around, use THAT as your Linux firewall. I have been using SmoothWall (www.smoothwall.org) for a long time, and am extremely pleased.
> Sonixxfx wrote:
> > Hi,
> >
> > I have a linux box connected directly to the internet that has
> two lan cards
> > installed on it. I would like to connect two other computers to
> those cards
> > so that they can make use of the internet connection. Can
> someone tell me
> > how I should configure those cards to achive this?
> > I actually already have a setup that makes it possible for one
> pc to connect
> > to the internet using one of those cards, but I do not no how to
> configure> the other. I have been thinking about a different
> subnet and bridging but I
> > didn't really came further than that.
> >
> > Thanks for your help,
> >
> > Ben
> >
>
> (Sorry if this is a dupe - I'm having email problems).
>
> This is just an overview. For details see the Debian docs,
> including the
> various included Howtos. If you get stuck on any particular
> detail, then post a
> question about that (*after* searching the debian-user archives):
>
> -First off, if you have non-PCI NICs you may want to take a look
> at Donald
> Becker's Multi-ethernet Howto.
>
> -You have to include a number of gateway-related drivers in your
> kernel - too
> many to list here. (If in doubt, just toss them all in to begin
> with :-)
>
> -You have to set up /etc/network/interfaces. E.g. maybe similar
> to my example
> here, which uses eth2 for my DSL internet connection:
>
> -----------------
> # Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
> # /usr/share/doc/netbase/examples for more information.
> #
> auto lo eth0 eth1 ppp0
> iface lo inet loopback
>
>
> iface eth0 inet static
> address 10.0.0.254
> netmask 255.255.255.0
> broadcast 10.0.0.255
>
> iface eth1 inet static
> address 10.0.1.254
> netmask 255.255.255.0
> broadcast 10.0.1.254
>
> iface ppp0 inet ppp
> pre-up ip link set eth2 up
> provider dsl-provider eth2
> --------------
>
> -You may want DHCP and/or nameserver functionality. I use a
> package called
> dnsmasq that provides both.
>
> -You have to turn on NAT or IP masquerade (through the /proc
> interface), and
> configure your firewall. For these, everyone has their own
> favorite user apps,
> or custom scripts. I use Guidedog/Guarddog, respectively.
>
> You may luck out, or just be a wizard, but I had to briefly turn
> off my gateway
> firewall for testing. It was not too risky because the gateway
> was dedicated
> and stripped down, and I watched the connection closely during the
> tests.
> To minimize risk to the client machines during the test, I set up
> softwarefirewalls, which is probably a good idea anyway. Once I
> had I tested internet
> access and name resolution using ping, I turned on and testing the
> gateway'sfirewall configuration.
>
> There's probably a Howto somewhere on all of this, or at least
> there should be.
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
Reply to: