odegard Guru
Joined: 08 Mar 2003 Posts: 324 Location: Trondheim, NO
|
Posted: Tue Apr 29, 2003 10:12 pm Post subject: Internet Connection Sharing |
|
|
Hi. I started KDE for the first time 20 minutes ago
Now, my next task is to find out how to share my internet connection with my Win98 laptop.
Both my workstation and laptop are connected to my ADSL modem and in Windows I can do my magic and get Internet Connection Sharing to work. Is this possible in Gentoo? Do I need 2 NICs?
I've searched the forums but I only found cases where people have two NICs.
Any help is appreciated.
Odegard |
|
|
|
neilhwatson l33t
Joined: 06 Feb 2003 Posts: 719 Location: Canada
|
Posted: Tue Apr 29, 2003 10:15 pm Post subject: |
|
|
I've only ever done it using two NICs. _________________ The true guru is a teacher.
Neil Watson |
|
|
|
odegard Guru
Joined: 08 Mar 2003 Posts: 324 Location: Trondheim, NO
|
Posted: Tue Apr 29, 2003 10:48 pm Post subject: |
|
|
Thanks. Anyone else? |
|
|
|
Furtim n00b
Joined: 01 Dec 2002 Posts: 65
|
Posted: Wed Apr 30, 2003 12:47 am Post subject: |
|
|
Try to post a bit more detail, as in... type of ADSL modem,
how it's connected to what machine. I had ADSL before, but a USB type connected to a firewall box to serve the LAN |
|
|
|
odegard Guru
Joined: 08 Mar 2003 Posts: 324 Location: Trondheim, NO
|
Posted: Wed Apr 30, 2003 11:31 pm Post subject: |
|
|
I have one laptop running windows 98 and one workstation running gentoo. Both are connected to a Lucent CellPipe Router (http://www.lucent.com/products/solution/0,,CTID+2013-STID+10476-SOID+1182-LOCL+1,00.html). I connect using PPPoE and basically I would like to use both on the internet simultaneously. Previously, in windows, I used "Internet Connection Sharing" to get both online so in theory, it is a matter of software.
What makes everything interesting however is that my workstation and laptop have both one NIC each.
My problem is that I don't know where to start. I'm not afraid of reading documentation so I'm not requesting a walkthrough but a hint on what to look for (and perhaps where, if you are really nice).
My linux level is mediocre+ (But I managed to install Gentoo (X, KDE) on first try and this is my first experience with linux )
Thanks for any help
Odegard |
|
|
|
st. anger Apprentice
Joined: 30 Oct 2002 Posts: 273
|
Posted: Wed Apr 30, 2003 11:53 pm Post subject: |
|
|
Quote: | Both are connected to a Lucent CellPipe Router |
according to the website specs on that dsl modem/router, it only has one wan port and one lan port. so do you mean that you have two of those units?
if that is the case then there shouldn't be a need for internet connection sharing right? _________________ pizza. |
|
|
|
odegard Guru
Joined: 08 Mar 2003 Posts: 324 Location: Trondheim, NO
|
Posted: Thu May 01, 2003 12:20 am Post subject: |
|
|
I'm not 100% on the terminology but I'll do my best. On the Router it says "DSL-CELL-20S-E".
I have one WAN port connected to my phoneline providing the DSL.
I have 4 LAN ports from which my workstation and laptop are connected to two of them.
According to this: http://www.dslclub.de/forum/showthread/t-63593.html (German) my router is crippled and does not work as a router.
I don't know what that means.
What I did in windows was to create the "real" network, connecting my workstation to the internet. Then I made a LAN with my laptop and workstation. Then I enabled ICS on the workstation and voila, my laptop was online.
I'm not sure if I make much sense. I don't blame you if you cannot help me.
Odegard |
|
|
|
st. anger Apprentice
Joined: 30 Oct 2002 Posts: 273
|
Posted: Thu May 01, 2003 1:47 am Post subject: |
|
|
do you mean that your router is defective? i cannot imagine why with four ports you would not be able to set up an internal network.
perhaps you need to configure the router settings? _________________ pizza. |
|
|
|
Genone Retired Dev
Joined: 14 Mar 2003 Posts: 9616 Location: beyond the rim
|
Posted: Thu May 01, 2003 3:47 pm Post subject: |
|
|
The mentioned article says that the modem/router has the routing functionality disabled in the firmware. The router seems to be provided by his ISP, so I think the ISP doesn't want multiple computers to share the connection (ISPs do some strange things here in Germany).
Back to the original problem: I think you should be able to enable routing on your Desktop with Code: | # NAT the laptop's outbound traffic behind the desktop's address
iptables -t nat -A POSTROUTING -s "$IP_OF_LAPTOP" ! -d "$IP_OF_DESKTOP" -j SNAT --to-source "$IP_OF_DESKTOP"
# let the kernel forward packets between hosts
echo 1 > /proc/sys/net/ipv4/ip_forward |
I haven't tested this and I'm no expert for iptables, so maybe someone with more knowledge can provide further information. |
|
|
|
r0cket- n00b
Joined: 16 Apr 2003 Posts: 62
|
Posted: Thu May 01, 2003 5:27 pm Post subject: Re: Internet Connection Sharing |
|
|
odegard wrote: | Hi. I started KDE for the first time 20 minutes ago
Now, my next task is to find out how to share my internet connection with my Win98 laptop.
Both my workstation and laptop are connected to my ADSL modem and in Windows I can do my magic and get Internet Connection Sharing to work. Is this possible in Gentoo? Do I need 2 NICs?
I've searched the forums but I only found cases where people have two NICs.
Any help is appreciated.
Odegard |
I think I understand what you were doing with ICS. You had one real NIC and one virtual adapter for your PPPoE client and did ICS between the two, with only the single physical interface on each system connected to the DSL modem/router? |
|
|
|
adumare n00b
Joined: 27 Apr 2003 Posts: 27
|
Posted: Thu May 01, 2003 6:23 pm Post subject: |
|
|
You can make your linux box the router for your network with only one network card, but this is not a good idea. If you want to do it you will have to look at how to assign multiple IP addresses to one NIC. I can't remember how to do this currently but before there was a kernel option. Then you will have to set up IPTABLES to do nat translation. There are many howtos out there on how to do this. Really though this is not a very good solution and it will be very easy for someone to compromise your firewall because the same NIC will be listening on both your internal and external networks. Personally I would invest in a second network card since they are only like 10 bucks. |
|
|
|
odegard Guru
Joined: 08 Mar 2003 Posts: 324 Location: Trondheim, NO
|
Posted: Thu May 01, 2003 11:09 pm Post subject: |
|
|
Genone, thanks I'll try that when I get back from London over the weekend
r0cket-, yes, exactly
adumare, indeed, but this is meant to be a short term solution.
Thanks for the help guys! |
|
|
|
fragbert Tux's lil' helper
Joined: 18 Apr 2003 Posts: 75 Location: Dallas, TX
|
Posted: Fri May 02, 2003 6:04 am Post subject: |
|
|
Yeah, this kind of thing should work; however, for practicality you may want to bind another IP address to your NIC, creating two networks on your Ethernet. You can do this by editing your /etc/conf.d/net file and adding:
There should already be a working example in the net file. This way, you can have an "internal" IP for your private subnet and also the regular external IP for your internet connection. The laptop will be on the same network as the Gentoo box's internal IP (ex. 192.168.0.0/16) and use your Gentoo box's private IP as the default gateway. In this case, you can use a slightly simpler iptables command:
Code: | iptables -t nat -A POSTROUTING -s $PRIVATE_SUBNET -j MASQUERADE |
In re: security by adumare, there really is no need to worry about security in this situation more so than in any other firewall situation. If you are really paranoid, you can easily just add an iptables rule to only accept packets from the outside world from the router's MAC. I've never done this myself, but the entry should be like:
Code: | # MAC matching is a match module, so it is loaded with -m mac (not -p)
iptables -t mangle -A PREROUTING -m mac --mac-source $ROUTERS_MAC -d $PRIVATE_SUBNET -j DROP |
I believe this must be in -t mangle because the regular filter table FORWARD entries use post-NAT addresses. Either way, your ISP should never forward you packets meant for a private subnet, and your router should be dropping source-routed packets anyway. The thought that your setup is less secure because both networks are on the same Ethernet is only an illusion.
Good luck,
Michael
Genone wrote: | The mentioned article says that the modem/router has the routing functionality disabled in the firmware. The router seems to be provided by his ISP, so I think the ISP doesn't want multiple computers to share the connection (ISPs do some strange things here in Germany).
Back to the original problem: I think you should be able to enable routing on your Desktop with Code: | # NAT the laptop's outbound traffic behind the desktop's address
iptables -t nat -A POSTROUTING -s "$IP_OF_LAPTOP" ! -d "$IP_OF_DESKTOP" -j SNAT --to-source "$IP_OF_DESKTOP"
# let the kernel forward packets between hosts
echo 1 > /proc/sys/net/ipv4/ip_forward |
I haven't tested this and I'm no expert for iptables, so maybe someone with more knowledge can provide further information. |
|
|
|
|
|
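The rules discussed in this thread combined into one dry-run generator, as an added example that is not code from any of the posters: it validates the subnet and MAC, then prints the commands instead of running them. The sample subnet and MAC are constructed values, and the default-drop FORWARD policy and the MAC exclusion on the forwarding rule are additions that go beyond what was posted.

```shell
#!/bin/sh
# Added example: prints (does not run) a ruleset for the one-NIC NAT setup.
# Constructed sample values: 192.168.0.0/24 and 00:11:22:33:44:55.

# Accept a.b.c.d/len with octets 0-255 and a prefix length of 0-32.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Accept six colon-separated hex octets, the form --mac-source expects.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# gen_rules PRIVATE_SUBNET ROUTERS_MAC
# Refuses unvalidated input so nothing unexpected reaches a root shell.
gen_rules() {
    subnet=$1; mac=$2
    valid_cidr "$subnet" || { echo "bad subnet: $subnet" >&2; return 1; }
    valid_mac "$mac" || { echo "bad MAC: $mac" >&2; return 1; }
    # Forward only private-subnet traffic that did not arrive from the router,
    # allow replies back in, drop router-side packets aimed at the private
    # subnet before NAT, then masquerade what leaves.
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P FORWARD DROP
iptables -A FORWARD -s $subnet -m mac ! --mac-source $mac -j ACCEPT
iptables -A FORWARD -d $subnet -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t mangle -A PREROUTING -m mac --mac-source $mac -d $subnet -j DROP
iptables -t nat -A POSTROUTING -s $subnet -j MASQUERADE
EOF
}

# Print the ruleset for the constructed sample values when run directly.
gen_rules 192.168.0.0/24 00:11:22:33:44:55
```

Review the printed commands before running them as root on the Gentoo box; the laptop then uses the box's private address as its default gateway.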