| View previous topic :: View next topic |
| Author |
Message |
berarul
Tux's lil' helper
Joined: 12 Apr 2004
Posts: 75
Location: Bucuresti
|
 Posted: Sat May 22, 2004 9:29 pm Post subject: iptables router with squid/dhcp support & opt. mac filte |
 |
|
Okay. You'll notice the lack of any HOWTO in the title so this means that it's not about how to configure Masquerade/SNAT but rather it's an "integration" tool for iptables, squid, dhcp and in the future maybe bind.
I'm kinda noobie so don't start picking on me if something's broken. I tested everything but i made some last minute modifications.
So what it can do:
* allow routing of internet traffic for only mac/ip pairs or an entire eth
* write the dhcp config file so you can assign static ips to a certain mac
independently of wether you filter internet traffic based on a mac/ip combination
* redirect internet traffic to a caching proxy server (not gonna tell you how to config this
but it's simple)
* allow changing of the behaviour entirely from the config file: if you need to enable dynadrr
you just make the necessary changes in the conf file and do not modify anything in the init file
So here goes:
EDIT: changed the name to be a little more imaginative and split the config files and put them into a url.
first you need to emerge squid and dhcp and add them to the default runlevel
| Code: |
emerge dhcp squid
rc-update add default dhcp
rc-update add default squid
rc-update add default nexus
|
download here
www.digifin.ro/nexus/nexus.tar.bz2
the /etc/squid/squid.conf file simply cannot be posted here as it's way to large but there's no special stuff to do. Just tweak the default for what you need.
Best of routing to you! 
_________________
You need to stand up to your mother, smack her in the face and say "That's enough of your shit, you fucking bitch!"
Last edited by berarul on Mon Jun 07, 2004 10:48 am; edited 1 time in total |
|
| Back to top |
|
 |
berarul
Tux's lil' helper
Joined: 12 Apr 2004
Posts: 75
Location: Bucuresti
|
| Posted: Thu Jun 03, 2004 7:41 pm Post subject: |
|
|
Hm ... no posts ... please tell me if you think this is usefull or not. It will help me know what to do with it next.
_________________
You need to stand up to your mother, smack her in the face and say "That's enough of your shit, you fucking bitch!" |
|
| Back to top |
|
|
revertex
l33t
Joined: 23 Apr 2003
Posts: 806
|
| Posted: Mon Jun 07, 2004 5:32 am Post subject: |
|
|
Thank's a lot, it will be very helpfull o me, i'm building a new server , your guide is exactly what i'm looking for.
start with a working configuration is even better than start from the ground. |
|
| Back to top |
|
|
berarul
Tux's lil' helper
Joined: 12 Apr 2004
Posts: 75
Location: Bucuresti
|
| Posted: Mon Jun 07, 2004 10:46 am Post subject: |
|
|
You're welcome Revertex. I now changed the whole layout. I split the config file into several files for easier management and gave it a more imaginative name than "firewall"  .
Variables should be altered in /etc/conf.d/nexus, while configuration editing should take place in /etc/nexus/. Hope this simplifies things rather than making them complex.
I'm planning to add some restrictions to $INTIF too (short term) and traffic shapping (medium term).
Here is the new location www.digifin.ro/nexus/nexus.tar.bz2
_________________
You need to stand up to your mother, smack her in the face and say "That's enough of your shit, you fucking bitch!" |
|
| Back to top |
|
|
|
Documentation, Tips & Tricks
