Re: Setting up a home gateway/router
Hi Vincent,
"Vincent W. Chen" <vinmun@gmail.com> writes:
> On Thu, May 22, 2014 at 9:57 PM, <csanyipal@gmail.com> wrote:
>> I wish to set up my home headless power pc box as a gateway/router ( GW ).
>> I can connect to it with SSH only.
>>
>> Before, I set up this GW to get an IP address from my ISP with
>> dhcp.client.
Before eth0 had dynamically assigned IP addresses that it get from my
ISP with dhcp3.client. Now I don't have dhcp3 client installed on GW. I
removed it.
>> Now, I ask a static IP address for this GW and don't know how to setup
>> eth0 interface so I can connect to Internet from this GW and to forward
>> Internet connection to my LAN.
>>
> Do you mean that eth0 on GW has a static IP address? If so, you
> probably have to modify /etc/network/interfaces for eth0, e.g.
Yes, I mean that now, eth0 has a static IP address, that is:
217.17.111.173 specifically assigned to MAC address of eth0 interface.
My ISP set this up on his side. At home, I have only a Cable modem. To
this Cable Modem is connected the GW ( my headless power pc box ) with
eth0 interface. I don't have ( I think ) IPv6.
So I tried with this setup:
iface eth0 inet static
address 217.17.111.173
netmask 255.255.255.0
> iface eth0 inet static
> address 192.168.0.1
> netmask 255.255.255.0
>
> # If you have IPv6
> iface eth0 inet6 static
> address ::1
> netmask 64
>
> Change the IP address / netmask to your own.
>
>> My ISP
>> |
>> --- eth0 ( GW ) --- eth1
>> |
>> LAN
>>
>> This is my home network that I want to set up.
>>
>> The state of this setup so far is that that I can SSH into GW only, but
>> can't reach the Internet, and from LAN I can't reach Internet too.
>>
>> Can I get advices how to setup my home network?
>>
> You have to allow forwarding from your LAN to the outside internet. In
> /etc/sysctl.conf, enable
>
> net.ipv4.ip_forward=1
I have this already set.
> # If you have IPv6
> net.ipv6.conf.all.forwarding=1
>
> There may be other options in /etc/sysctl.conf that you'd want to
> change. Read the associated comments and manpages.
>
> If you are setting up a gateway, you might want to look into the
> firewall iptables/ip6tables. The standard procedure is to drop all
> packets, allowing only specific ones to pass through.
I'm using Shorewall on my GW ( headless power pc ).
--
Regards, from Paul
Reply to: