[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trying to protect another computer with a gnome-lokkit firewall

I [now] have a perfectly good desktop PC running debian, openoffice, samba, etc. just fine, and I still need a firewall to protect a legacy PC with a foreign OS that hasn't got any virus protection, but which I'd like to network. I installed gnome-lokkit and set it up as a firewall with zero hassle. I've managed to configure the debian PC's two NIC's, one connected as an input from my LinkSys router, and the other intended as an output to the PC to be protected. I can ping the other PC from the debian PC ... I can ping another, well protected notebook PC on the network, but the router is set up to ignore pings from the outside world, so it doesn't echo to the debian PC. That makes things a little harder. I think I'd better set up the LinkSys to recognize the debian PC as one of the family.

Here are my questions:

1. Should I use a crossover Ethrnet cable between the debian PC and the PC that's
chained to it ?  Or a standard Ethernet cable ?

2. Do I give the IP address of the debian PC as the Gateway address for the other PC ?

Progress report:

There are really two networks - One consisting of the "new" PC running the recent install of debian sarge, another debian PC running closely the same thing and
working great, thanks to the folks at LinuxForce, and a WinXP machine that
occasionally "visits." Two consisting of eth1 on the "new" PC running debian sarge and connected to a legacy Win98SE machine which I need to operate a Kodak MDS- 100 microscope camera. I've configured the No. One network is OK (except for setting up shared folder, etc, of which there are presently none). And now the "new" PC running debian can ping the router OK, too ... I was using the wrong IP address for
the router.

The second, Network Two, is dead in the water. Ping reaches the legacy PC as well
as eth1 on the "new" PC running debian sarge.  Ping from the Win98SE machine
reaches its NIC as well as the "new" PC's eth0 and eth1. So far, so good. Following Andrei Popescu's sage advice, I'm using the crossover cable, and the NIC's at each end emit happy green smiles. I've also forced the IP address of the eth1 NIC on the
"new" PC running debian to be the gateway addressfor the NIC on the Win98SE
machine, as approved by Andrei. I think that I have not even begun to set up Network Two, as it is really a completely separate network, presumably requiring another
instance of Samba.  But how to do that ?

Part of my trouble is the DNS server - which the Win98SE PC wants to use to resolve my attempts to log in - so far, whenever W98SE's Setup Wizard has managed to get the icon from the "new" PC's debian system to show up in the Win98SE's Network Neighborhood window, I could not log in with my correct username, correct domain, and all the passwords that I use. I suspect that it's the pesky DNS server that's not being addressed properly. I've never gotten a glimmer of the Win98SE machine
to appear in the Network Servers window on the "new" PC running debian.

The "new" PC running debian sarge, gnome-lokkit, and [now] firefox works fine, albeit slowly, at surfing the Internet, viewing webmail, etc. The lokkit firewall
is set up in high security mode and seems not to interfere with my surfing,
however slow it is. Not sure where the slowness comes from, as I've got a DSL
connection through which ftp's from the debian mirrors gush at 40kB/sec, but
things slow to a crawl using http.


Reply to: