On November 27, 2003 01:28 am, Paula Fernandes wrote: > Hi, > > I have a small network with ADSL Internet service provided with a > router. I have this machine (RedHat 9.0) and another machine (windows98) > in the network. I just want to provide Internet access to the windows98 > machine via some proxy intaled in my RedHat PC. > > This is all I want!! > > Thanks for help > Hi Paula, A few questions, presuming you want to 'protect' the win98 box with a firewall, because as Roger points out most broadband connectins allow 2 IP's (at least around here). So you either need to protect the 98 box or you only get 1 IP and need to mask the 98 box. As far as the firewall protecting a 98 box, unless you have file sharing, or some web server, there should be nothing 'listening' on the 98 box so nothing to attack (although I am really not up on windows issues). Either way, for the best performance you want to have 2 network cards in the Linux box. It can be done with one using a virtual interface and a hub but it doubles the load and buffer requirements on the nic which will likely impact performance, and provides questionable security. If you are going to connect the two systems (98 & linux) directly you need a "crossover cable", if you use a hub/switch between them use regular cat5 cables. You will need to set your 98 box and the inside nic on Linux with non-routable IP's. Most typical are 192.168.1.0/24 network. win98 IP: 192.168.1.5 Netmask: 255.255.255.0 Default Gateway: 192.168.1.1 linux eth1: (internal network) IP: 192.168.1.1 Netmask: 255.255.255.0 Default Gateway: eth0 linux eth0: all setings from dhcp You will also want to copy the info from the Linux /etc/resolv.conf to the windows machine (don't know where) for dns lookup info. Does anyone know a better way to populate nat'd clients with nameserver info? You should now be able to ping between the two 192. IP's but not thru the firewall from the LAN. The Linux box should have Internet access. Now the network is ready, time for a firewall... Set the firewall to run NAT (to hide the inside IP's) then decide what services you want to allow inbound, which will likely be nothing "new" (just established or related). You will probably want to allow all outbound traffic. Sasa suggested a gui based firewall admin tool at http://firestarter.sourceforge.net it is probably all you need to set up and maintain a basic firewall (once the networking is in place). Please reply with what aspects you need help with. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
