Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Can anybody help me about IP sharing in Centos?
thanks alot...
Tolun ARDAHANLI wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Can anybody help me about IP sharing in Centos?
its known as "IP Masquerade" in Linux, and its controlled primarily with iptables(8)
you should read up on iptables and firewall rules to understand how it all works
the ip masquerade HOWTO lives here http://tldp.org/HOWTO/html_single/IP-Masquerade-HOWTO/
master source of documetation of all this is here -> http://www.netfilter.org/documentation/
John R Pierce wrote:
Tolun ARDAHANLI wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Can anybody help me about IP sharing in Centos?
its known as "IP Masquerade" in Linux, and its controlled primarily with iptables(8)
you should read up on iptables and firewall rules to understand how it all works
the ip masquerade HOWTO lives here http://tldp.org/HOWTO/html_single/IP-Masquerade-HOWTO/
master source of documetation of all this is here -> http://www.netfilter.org/documentation/
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
You have to enable routing also.
Start reading here: http://www.linuxhomenetworking.com/
and then google for "Home linux networking" and you will find answers for your questions.
/M
Here is what you need to do: http://www.howtoforge.com/home-gateway-firewall-with-dhcp-server-for-connect...
Hope this will help you.
/M
2008/1/22, MatsK mkn0014@gmail.com:
John R Pierce wrote:
Tolun ARDAHANLI wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Can anybody help me about IP sharing in Centos?
its known as "IP Masquerade" in Linux, and its controlled primarily with iptables(8)
you should read up on iptables and firewall rules to understand how it all works
the ip masquerade HOWTO lives here http://tldp.org/HOWTO/html_single/IP-Masquerade-HOWTO/
master source of documetation of all this is here -> http://www.netfilter.org/documentation/
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
You have to enable routing also.
Start reading here: http://www.linuxhomenetworking.com/
and then google for "Home linux networking" and you will find answers for your questions.
/M
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
If you have an older available computer laying around, check out IPCop
free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
On Jan 22, 2008 3:17 PM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tuesday 22 January 2008 14:52:19 Alain Spineux wrote:
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
I'd really recommend going for the router. They are not very expensive and easier to set up than most dsl modems. A built-in firewall comes with most, and better ones have easily configured port-forwarding if/when you come to need it. My Netgear DG634G has all that and wireless too. And the best thing is that it has a really good we-based interface (most use web-based, but not all are good in terms of well-explained and easy to configure).
Anne
Anne Wilson wrote:
On Tuesday 22 January 2008 14:52:19 Alain Spineux wrote:
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
I'd really recommend going for the router. They are not very expensive and easier to set up than most dsl modems. A built-in firewall comes with most, and better ones have easily configured port-forwarding if/when you come to need it. My Netgear DG634G has all that and wireless too. And the best thing is that it has a really good we-based interface (most use web-based, but not all are good in terms of well-explained and easy to configure).
Anne
If you want to go with this kind of router (cheap, wireless, simple), i would then recommend a Linksys WRT-54GL (The trailing "L" is very important, about 50$) and replace the stock firmware with DD-WRT (GPL). DD-WRT is real nice, simple and have a lot of interesting features. It is less flexible than the solutions below.
You could go with OpenWRT and the same Linksys WRT-54GL if you're a Linux savvy.
If you have an old PC laying around, i'd then recommend pfSense. I have pfSense firewalls on some sites and it runs very very well.
If you prefer to go with SBC (Single Board Computer like a Soekris net45xx/net48xx or WRAP board), then you have a choice between mOnOwall and pfSense (and many others but those 2 are simple yet powerful).
I have a couple of SBC boxes installed at my clients' offices running mOnOwall (WRAP SBC Boards) and they do a very good job. They are very energy efficient with small footprint.
Finally, you could go for a used Cisco Router (something like a 2600 series) if you like Cisco like a do. But it's not an easy solution, it's very command line centric and you could have a hard time decrypting the very large command list of IOS (and getting used to it).
Hope this helped.
Guy Boisvert IngTegration inc.
Guy Boisvert wrote:
Anne Wilson wrote:
On Tuesday 22 January 2008 14:52:19 Alain Spineux wrote:
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
I'd really recommend going for the router. They are not very expensive and easier to set up than most dsl modems. A built-in firewall comes with most, and better ones have easily configured port-forwarding if/when you come to need it. My Netgear DG634G has all that and wireless too. And the best thing is that it has a really good we-based interface (most use web-based, but not all are good in terms of well-explained and easy to configure).
Anne
If you want to go with this kind of router (cheap, wireless, simple), i would then recommend a Linksys WRT-54GL (The trailing "L" is very important, about 50$) and replace the stock firmware with DD-WRT (GPL). DD-WRT is real nice, simple and have a lot of interesting features. It is less flexible than the solutions below.
You could go with OpenWRT and the same Linksys WRT-54GL if you're a Linux savvy.
If you have an old PC laying around, i'd then recommend pfSense. I have pfSense firewalls on some sites and it runs very very well.
If you prefer to go with SBC (Single Board Computer like a Soekris net45xx/net48xx or WRAP board), then you have a choice between mOnOwall and pfSense (and many others but those 2 are simple yet powerful).
I have a couple of SBC boxes installed at my clients' offices running mOnOwall (WRAP SBC Boards) and they do a very good job. They are very energy efficient with small footprint.
Finally, you could go for a used Cisco Router (something like a 2600 series) if you like Cisco like a do. But it's not an easy solution, it's very command line centric and you could have a hard time decrypting the very large command list of IOS (and getting used to it).
Hope this helped.
Guy Boisvert IngTegration inc.
Replying to mmyself, i want to add that wireless could be more problematic with mOnOwall and pfSense. Those 2 are based on BSD and you'd have to check compatibility list vs. BSD version before buying.
Guy Boisvert IngTegration inc.
I have an IPcop box setup at work. Using squidguard to keep customers from surfing porn while they are in our waiting room. (On a completely separate DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3 precision 220). Free home license, do FAR more than your typical broadband router. Not a small learning curve, though. Wireless is through a D-link DWL-7100(I think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's just there for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr
wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing these late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2 ethernet card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip address) LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our company has strong rules for these addresses... I want to share my WAN side ip address to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
2008/1/22, Dennis McLeod dmcleod@foranyauto.com:
I have an IPcop box setup at work. Using squidguard to keep customers from surfing porn while they are in our waiting room. (On a completely separate DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3 precision 220). Free home license, do FAR more than your typical broadband router. Not a small learning curve, though. Wireless is through a D-link DWL-7100(I think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's just there for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <tolun.ardahanli@linux.org.tr
wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the
software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing these late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2 ethernet card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip address) LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our company has strong rules for these addresses... I want to share my WAN side ip address to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface is eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your /etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
I have an IPcop box setup at work. Using squidguard to keep customers from surfing porn while they are in our waiting room. (On a completely separate DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3 precision 220). Free home license, do FAR more than your typical broadband router.
Not
a small learning curve, though. Wireless is through a D-link DWL-7100(I think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's just
there
for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto: centos-bounces@centos.org] On
Behalf
Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby < CentOS4Bill@triad.rr.com>
wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge
be
in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the
software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta: tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing these late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2 ethernet card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip address) LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our company has strong rules for these addresses... I want to share my WAN side ip address to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface is eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your /etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos, and add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of your internal machines or make some of them reachable from outside if for example you want to have a web server or an email server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or HIDE-NAT) just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
I have an IPcop box setup at work. Using squidguard to keep customers from surfing porn while they are in our waiting room. (On a completely separate DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3 precision 220). Free home license, do FAR more than your typical broadband router.
Not
a small learning curve, though. Wireless is through a D-link DWL-7100(I think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's just
there
for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto: centos-bounces@centos.org] On
Behalf
Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby < CentOS4Bill@triad.rr.com>
wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge
be
in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the
software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta: tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you
Thank you for all really I solved the forward/ip sharing problem...
But I see there is other problem with that like this;
This is my network structure now; LAN(there are 3machines): start ip:192.168.1.10 http://192.168.10.10/ end ip: 192.168.1.12 http://192.168.10.12/ gateway address of users: 192.168.1.100 (my server's LAN side ip address) LAN side Server ip: 192.168.1.100 http://192.168.10.13/
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 192.168.10.13 http://10.10.1.223/ gateway address of Server:192.168.10.1 http://10.10.1.111/
And here is the problem i thing; The users from inside(LAN) can reach from server's WAN side ip(192.168.10.13) and they can ping it and they can take a services which is for LAN services(like ssh...etc).
I agree that pinging from LAN to gateway address(192.168.10.1). But I cant agree that pinging to server's WAN address(192.168.10.13). Do I thing wrong at this point? and last question is about how can I close/stop services for WAN side?
thanks to all of you...
sincerely yours...
2008/1/24, Alain Spineux aspineux@gmail.com:
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr
wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing these
late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2
ethernet
card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip
address)
LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our company
has
strong rules for these addresses... I want to share my WAN side ip
address
to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface is
eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your
/etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos, and add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of your internal machines or make some of them reachable from outside if for example you want to have a web server or an email server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or HIDE-NAT) just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
I have an IPcop box setup at work. Using squidguard to keep
customers from
surfing porn while they are in our waiting room. (On a completely
separate
DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3
precision
220). Free home license, do FAR more than your typical broadband
router.
Not
a small learning curve, though. Wireless is through a D-link
DWL-7100(I
think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's
just
there
for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto: centos-bounces@centos.org]
On
Behalf
Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby <
CentOS4Bill@triad.rr.com>
wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote:
> Hi everybody... > > How can I share my WAN ip to my LAN? How can I do that I
really
> dont know...:( I am using linux long time ago but this kind I > would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always
turned
on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint
feature
(dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not,
but
because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of
alternatives
is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated
linux
(like centos is) configured by someone without to much network
knowledge
be
in front of Internet.
If you have an older available computer laying around, check out
IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for
years,
as have others on this list. Biggest gripe I have is docs could be
a
little better - they tend to not get updated to stay up with the
software.
Regards.
> > Can anybody help me about IP sharing in Centos? > > thanks alot... > > > -- > Tolun ARDAHANLI > Bilgisayar Muhendisi > E-posta: tolun.ardahanli@linux.org.tr > Icq:326600 > >
> ---------- > > Tolun ARDAHANLI > Computer Engineer > E-mail:tolun.ardahanli@linux.org.tr > Icq:326600 ><snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Tolun ARDAHANLI wrote:
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 192.168.10.13 http://10.10.1.223/ gateway address of Server:192.168.10.1 http://10.10.1.111/
if you already have a router/firewall and a switch on the internet side, what is this CentOS system doing in the middle? why not just hook everything up to the same switch and let them all run with IP's from your existing router?
this is what you're describing...
internet -> router -> firewall -> switch----192.168.1.0/24 ---> centos server -----192.168.10.0/24----> LAN systems
why not....
internet -> router -> firewall -> switch ----192.168.1.0/24---> LAN including centos server
?
On Jan 25, 2008 9:37 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Thank you for all really I solved the forward/ip sharing problem...
But I see there is other problem with that like this;
This is my network structure now; LAN(there are 3machines): start ip:192.168.1.10 end ip: 192.168.1.12 gateway address of users: 192.168.1.100 (my server's LAN side ip address) LAN side Server ip: 192.168.1.100
WAN(this ip comes from behind of swicth. the switch is behind of firewall and firewall is behind of router): WAN side Server ip: 192.168.10.13 gateway address of Server:192.168.10.1
And here is the problem i thing; The users from inside(LAN) can reach from server's WAN side ip(192.168.10.13) and they can ping it and they can take a services which is for LAN services(like ssh...etc).
I agree that pinging from LAN to gateway address(192.168.10.1). But I cant agree that pinging to server's WAN address(192.168.10.13). Do I thing wrong at this point? and last question is about how can I close/stop services for WAN side?
I dont understant! WHO is (OR CANNOT) pinging 192.168.10.13 or can (OR CANNOT) access the service ? LAN or WAN ?
thanks to all of you...
sincerely yours...
2008/1/24, Alain Spineux aspineux@gmail.com:
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr
wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing these
late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2
ethernet
card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip
address)
LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our company
has
strong rules for these addresses... I want to share my WAN side ip
address
to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface is
eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your
/etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos, and add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of your internal machines or make some of them reachable from outside if for example you want to have a web server or an email server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or HIDE-NAT) just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
I have an IPcop box setup at work. Using squidguard to keep
customers from
surfing porn while they are in our waiting room. (On a completely
separate
DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3
precision
220). Free home license, do FAR more than your typical broadband
router.
Not
a small learning curve, though. Wireless is through a D-link
DWL-7100(I
think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but it's
just
there
for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto: centos-bounces@centos.org]
On
Behalf
Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby <
CentOS4Bill@triad.rr.com>
wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote: > On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote:
> > Hi everybody... > > > > How can I share my WAN ip to my LAN? How can I do that I
really
> > dont know...:( I am using linux long time ago but this kind I > > would like to do newly... > > Buy a small router/modem, ask your ISP for suggestions. > This is cheap (<100$), no need to keep your computer always
turned
> on, very easy to configure if you nead more features (port > forwarding for skype, games, p2p, ....), have some builtint
feature
> (dhcp, DNS proxy). Also think about wireless ...... > This is probably more secure, not because centos/linux is not,
but
> because you dont know what you are doing. > > Of course this is less fun
Well, I wasn't going to suggest, but since the topic of
alternatives
is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated
linux
(like centos is) configured by someone without to much network
knowledge
be
in front of Internet.
If you have an older available computer laying around, check out
IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for
years,
as have others on this list. Biggest gripe I have is docs could be
a
little better - they tend to not get updated to stay up with the
software.
> > Regards. > > > > > Can anybody help me about IP sharing in Centos? > > > > thanks alot... > > > > > > -- > > Tolun ARDAHANLI > > Bilgisayar Muhendisi > > E-posta: tolun.ardahanli@linux.org.tr > > Icq:326600 > > > >
> > ---------- > > > > Tolun ARDAHANLI > > Computer Engineer > > E-mail:tolun.ardahanli@linux.org.tr > > Icq:326600 > ><snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi guys;
OK let me explain like this...
We had a problem with our General network administration and our General network cant be managed so well(Cause of our IT manager is not so good about administration on our network). that is why i thing that our department's users must be separated from General LAN(Cause of our Generel LAN effected to our working performance). After that we separated our users to another subnet(192.168.1.xxx).
Right now all of my departments member joined to our server(Centos5.1) and all of them joins to internet over our server... We solved the problem together if you read all mails in this subject...
I thing Only problem is that "our members must not to reach server's internet side ip(192.168.10.13)" am i right for that? and other question is about "how can i stop the ssh service for the internet side ip(192.168.10.13)"?
I am not a network engineer... I am just a software engineer... I am trying to do our project on Linux systems... I cant focus so deeply on network administration... Only I can do your advise... not else... Cause I can't spent time for that(I want but I can't)..:(
I hope that I explained it well...;)...
thanks to all...
sincerely yours...
2008/1/25, Alain Spineux aspineux@gmail.com:
On Jan 25, 2008 9:37 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Thank you for all really I solved the forward/ip sharing problem...
But I see there is other problem with that like this;
This is my network structure now; LAN(there are 3machines): start ip:192.168.1.10 end ip: 192.168.1.12 gateway address of users: 192.168.1.100 (my server's LAN side ip
address)
LAN side Server ip: 192.168.1.100
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 192.168.10.13 gateway address of Server:192.168.10.1
And here is the problem i thing; The users from inside(LAN) can reach from server's WAN side ip(192.168.10.13) and they can ping it and they can take a services
which is
for LAN services(like ssh...etc).
I agree that pinging from LAN to gateway address(192.168.10.1). But I
cant
agree that pinging to server's WAN address(192.168.10.13). Do I thing
wrong
at this point? and last question is about how can I close/stop services
for
WAN side?
I dont understant! WHO is (OR CANNOT) pinging 192.168.10.13 or can (OR CANNOT) access the service ? LAN or WAN ?
thanks to all of you...
sincerely yours...
2008/1/24, Alain Spineux aspineux@gmail.com:
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing
these
late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2
ethernet
card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip
address)
LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our
company
has
strong rules for these addresses... I want to share my WAN side ip
address
to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface
is
eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your
/etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos, and add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of your internal machines or make some of them reachable from outside if for example you want to have a web server or an email server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or
HIDE-NAT)
just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
I have an IPcop box setup at work. Using squidguard to keep
customers from
surfing porn while they are in our waiting room. (On a
completely
separate
DSL connection..)
I have an Astaro Security Gateway setup at home (on a Dell p3
precision
220). Free home license, do FAR more than your typical broadband
router.
Not
a small learning curve, though. Wireless is through a D-link
DWL-7100(I
think) access point in the attic. I have a Linksys wrt54g (original version) with openWRT, but
it's
just
there
for backup.....
Any of the above will accomplish your goal...
-----Original Message----- From: centos-bounces@centos.org [mailto:
centos-bounces@centos.org]
On
Behalf
Of Alain Spineux Sent: Tuesday, January 22, 2008 6:52 AM To: CentOS mailing list Subject: Re: [CentOS] How can i share my WAN ip to my LAN?
On Jan 22, 2008 3:17 PM, William L. Maltby <
CentOS4Bill@triad.rr.com>
wrote:
> On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote: > > On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI <
tolun.ardahanli@linux.org.tr>
wrote: > > > Hi everybody... > > > > > > How can I share my WAN ip to my LAN? How can I do that I
really
> > > dont know...:( I am using linux long time ago but this
kind I
> > > would like to do newly... > > > > Buy a small router/modem, ask your ISP for suggestions. > > This is cheap (<100$), no need to keep your computer always
turned
> > on, very easy to configure if you nead more features (port > > forwarding for skype, games, p2p, ....), have some builtint
feature
> > (dhcp, DNS proxy). Also think about wireless ...... > > This is probably more secure, not because centos/linux is
not,
but
> > because you dont know what you are doing. > > > > Of course this is less fun > > Well, I wasn't going to suggest, but since the topic of
alternatives
> is open...
:-)
Of course the main idea is to avoid to have a non firewall
dedicated
linux
(like centos is) configured by someone without to much network
knowledge
be
in front of Internet.
> > If you have an older available computer laying around, check
out
IPCop
> > http://www.ipcop.org/ > > free, has lots of features, runs reliably, I've been on it for
years,
> as have others on this list. Biggest gripe I have is docs
could be
a
> little better - they tend to not get updated to stay up with
the
software.
> > > > > Regards. > > > > > > > > Can anybody help me about IP sharing in Centos? > > > > > > thanks alot... > > > > > > > > > -- > > > Tolun ARDAHANLI > > > Bilgisayar Muhendisi > > > E-posta: tolun.ardahanli@linux.org.tr > > > Icq:326600 > > > > > >
> > > ---------- > > > > > > Tolun ARDAHANLI > > > Computer Engineer > > > E-mail:tolun.ardahanli@linux.org.tr > > > Icq:326600 > > ><snip sig stuff> > > HTH > -- > Bill > > > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos >
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Tolun ARDAHANLI wrote:
I am not a network engineer... I am just a software engineer... I am trying to do our project on Linux systems... I cant focus so deeply on network administration... Only I can do your advise... not else... Cause I can't spent time for that(I want but I can't)..:(
then, you'll either need to take the time to learn networking and firewall routing, or hire someone to setup and administer this for you. or, ideally, get your existing network administrators to satisfy your requirements, this may require intervention by upper management.
Thanks for adv...
I have another question....;)
Here is a result of iptables -L command; ******************************************************************************************************************** Chain INPUT (policy ACCEPT) target prot opt source destination DROP tcp -- anywhere 192.168.10.13 tcp dpt:ssh DROP tcp -- anywhere 192.168.10.13 tcp dpt:ncube-lm
Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination ********************************************************************************************************************
how can I modify "ACCEPT all -- anywhere anywhere" line?
I want to do it like that(of course if it is posible...) Chain FORWARD (policy ACCEPT) target prot opt source destination "ACCEPT http/https -- LAN/eth1 anywhere "
thanks a lot to everyone...
2008/1/28, John R Pierce pierce@hogranch.com:
Tolun ARDAHANLI wrote:
I am not a network engineer... I am just a software engineer... I am trying to do our project on Linux systems... I cant focus so deeply on network administration... Only I can do your advise... not else... Cause I can't spent time for that(I want but I can't)..:(
then, you'll either need to take the time to learn networking and firewall routing, or hire someone to setup and administer this for you. or, ideally, get your existing network administrators to satisfy your requirements, this may require intervention by upper management.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Jan 28, 2008 8:45 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi guys;
OK let me explain like this...
We had a problem with our General network administration and our General network cant be managed so well(Cause of our IT manager is not so good about administration on our network). that is why i thing that our department's users must be separated from General LAN(Cause of our Generel LAN effected to our working performance). After that we separated our users to another subnet(192.168.1.xxx).
Right now all of my departments member joined to our server(Centos5.1) and all of them joins to internet over our server... We solved the problem together if you read all mails in this subject...
I thing Only problem is that "our members must not to reach server's internet side ip(192.168.10.13)" am i right for that?
192.168.10.13 and 192.168.1.100 refer the same centos server! Right ? Then this is the default behavior for a linux to answer requests on one interface, even if the request is for one address on another interface.
and other question is about "how can i stop the ssh service for the internet side ip(192.168.10.13)"?
2 possibilities
using iptables to reject/drop any packet coming from eth1 (or eth0)
iptables -t filter -A INPUT -p tcp -i eth1 --dport 22 -j DROP
Or force sshd to bind only to the internal address, this is ListenAddress in sshd config: man sshd_config for more
Regards.
I am not a network engineer... I am just a software engineer... I am trying to do our project on Linux systems... I cant focus so deeply on network administration... Only I can do your advise... not else... Cause I can't spent time for that(I want but I can't)..:(
I hope that I explained it well...;)...
thanks to all...
sincerely yours...
2008/1/25, Alain Spineux aspineux@gmail.com:
On Jan 25, 2008 9:37 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr
wrote:
Thank you for all really I solved the forward/ip sharing problem...
But I see there is other problem with that like this;
This is my network structure now; LAN(there are 3machines): start ip:192.168.1.10 end ip: 192.168.1.12 gateway address of users: 192.168.1.100 (my server's LAN side ip
address)
LAN side Server ip: 192.168.1.100
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 192.168.10.13 gateway address of Server:192.168.10.1
And here is the problem i thing; The users from inside(LAN) can reach from server's WAN side ip(192.168.10.13) and they can ping it and they can take a services
which is
for LAN services(like ssh...etc).
I agree that pinging from LAN to gateway address(192.168.10.1). But I
cant
agree that pinging to server's WAN address(192.168.10.13). Do I thing
wrong
at this point? and last question is about how can I close/stop services
for
WAN side?
I dont understant! WHO is (OR CANNOT) pinging 192.168.10.13 or can (OR CANNOT) access the service ? LAN or WAN ?
thanks to all of you...
sincerely yours...
2008/1/24, Alain Spineux aspineux@gmail.com:
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI
wrote:
Hi again to everyone;
Guys your mails are very nice... i liked all of them...
let me give you about my system and my need(sorry for writing
these
late)...
I've got an IBM x3650 server which is open 7d/24h. It has got 2
ethernet
card. I would like to connect my LAN to WAN over this machine...
LAN(there are 3machines): start ip:192.168.10.10 end ip: 192.168.10.12 gateway address of users:192.168.10.13(my server's LAN side ip
address)
LAN side Server ip: 192.168.10.13
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 10.10.1.223 gateway address of Server:10.10.1.111
this is my network chances...:( i cant change them cause our
company
has
strong rules for these addresses... I want to share my WAN side ip
address
to my LAN side...
How can I do that on my CENTos installed server?
thanks a lot to everybody...
The short way, supposing your wan is secure and your wan interface
is
eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your
/etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be masqueraded, taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos, and add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of your internal machines or make some of them reachable from outside if for example you want to have a web server or an email server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or
HIDE-NAT)
just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >:
> I have an IPcop box setup at work. Using squidguard to keep
customers from
> surfing porn while they are in our waiting room. (On a
completely
separate
> DSL connection..) > > I have an Astaro Security Gateway setup at home (on a Dell p3
precision
> 220). Free home license, do FAR more than your typical broadband
router.
Not > a small learning curve, though. Wireless is through a D-link
DWL-7100(I
> think) access point in the attic. > I have a Linksys wrt54g (original version) with openWRT, but
it's
just
there > for backup..... > > Any of the above will accomplish your goal... > > > > > -----Original Message----- > From: centos-bounces@centos.org [mailto:
centos-bounces@centos.org]
On
Behalf > Of Alain Spineux > Sent: Tuesday, January 22, 2008 6:52 AM > To: CentOS mailing list > Subject: Re: [CentOS] How can i share my WAN ip to my LAN? > > On Jan 22, 2008 3:17 PM, William L. Maltby <
CentOS4Bill@triad.rr.com>
wrote: > > On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote: > > > On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI < tolun.ardahanli@linux.org.tr> > wrote: > > > > Hi everybody... > > > > > > > > How can I share my WAN ip to my LAN? How can I do that I
really
> > > > dont know...:( I am using linux long time ago but this
kind I
> > > > would like to do newly... > > > > > > Buy a small router/modem, ask your ISP for suggestions. > > > This is cheap (<100$), no need to keep your computer always
turned
> > > on, very easy to configure if you nead more features (port > > > forwarding for skype, games, p2p, ....), have some builtint
feature
> > > (dhcp, DNS proxy). Also think about wireless ...... > > > This is probably more secure, not because centos/linux is
not,
but
> > > because you dont know what you are doing. > > > > > > Of course this is less fun > > > > Well, I wasn't going to suggest, but since the topic of
alternatives
> > is open... > > :-) > > Of course the main idea is to avoid to have a non firewall
dedicated
linux
> (like centos is) configured by someone without to much network
knowledge
be > in front of Internet. > > > > > If you have an older available computer laying around, check
out
IPCop
> > > > http://www.ipcop.org/ > > > > free, has lots of features, runs reliably, I've been on it for
years,
> > as have others on this list. Biggest gripe I have is docs
could be
a
> > little better - they tend to not get updated to stay up with
the
software. > > > > > > > > Regards. > > > > > > > > > > > Can anybody help me about IP sharing in Centos? > > > > > > > > thanks alot... > > > > > > > > > > > > -- > > > > Tolun ARDAHANLI > > > > Bilgisayar Muhendisi > > > > E-posta: tolun.ardahanli@linux.org.tr > > > > Icq:326600 > > > > > > > >
> > > > ---------- > > > > > > > > Tolun ARDAHANLI > > > > Computer Engineer > > > > E-mail:tolun.ardahanli@linux.org.tr > > > > Icq:326600 > > > ><snip sig stuff> > > > > HTH > > -- > > Bill > > > > > > _______________________________________________ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > > > > -- > Alain Spineux > aspineux gmail com > May the sources be with you > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos >
--
Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi;
Thanks... I solved this problem also... thank you Alain... Here is my iptables -L result... ********************************************************************************************************************** # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP tcp -- anywhere 192.168.10.13 tcp dpt:ssh DROP tcp -- anywhere 192.168.10.13 tcp dpt:ncube-lm
Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination **********************************************************************************************************************
how can I change FORWARD policy to accepting only http, https?
Thanks for all...
sincerely yours...
2008/1/29, Alain Spineux aspineux@gmail.com:
On Jan 28, 2008 8:45 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr wrote:
Hi guys;
OK let me explain like this...
We had a problem with our General network administration and our General network cant be managed so well(Cause of our IT manager is not so good
about
administration on our network). that is why i thing that our
department's
users must be separated from General LAN(Cause of our Generel LAN
effected
to our working performance). After that we separated our users to
another
subnet(192.168.1.xxx).
Right now all of my departments member joined to our server(Centos5.1)
and
all of them joins to internet over our server... We solved the problem together if you read all mails in this subject...
I thing Only problem is that "our members must not to reach server's internet side ip(192.168.10.13)" am i right for that?
192.168.10.13 and 192.168.1.100 refer the same centos server! Right ? Then this is the default behavior for a linux to answer requests on one interface, even if the request is for one address on another interface.
and other question is about "how can i stop the ssh service for the internet side ip(192.168.10.13)"?
2 possibilities
using iptables to reject/drop any packet coming from eth1 (or eth0)
iptables -t filter -A INPUT -p tcp -i eth1 --dport 22 -j DROP
Or force sshd to bind only to the internal address, this is ListenAddress in sshd config: man sshd_config for more
Regards.
I am not a network engineer... I am just a software engineer... I am
trying
to do our project on Linux systems... I cant focus so deeply on network administration... Only I can do your advise... not else... Cause I can't spent time for that(I want but I can't)..:(
I hope that I explained it well...;)...
thanks to all...
sincerely yours...
2008/1/25, Alain Spineux aspineux@gmail.com:
On Jan 25, 2008 9:37 AM, Tolun ARDAHANLI <tolun.ardahanli@linux.org.tr
wrote:
Thank you for all really I solved the forward/ip sharing problem...
But I see there is other problem with that like this;
This is my network structure now; LAN(there are 3machines): start ip:192.168.1.10 end ip: 192.168.1.12 gateway address of users: 192.168.1.100 (my server's LAN side ip
address)
LAN side Server ip: 192.168.1.100
WAN(this ip comes from behind of swicth. the switch is behind of
firewall
and firewall is behind of router): WAN side Server ip: 192.168.10.13 gateway address of Server:192.168.10.1
And here is the problem i thing; The users from inside(LAN) can reach from server's WAN side ip(192.168.10.13) and they can ping it and they can take a services
which is
for LAN services(like ssh...etc).
I agree that pinging from LAN to gateway address(192.168.10.1). But
I
cant
agree that pinging to server's WAN address(192.168.10.13). Do I
thing
wrong
at this point? and last question is about how can I close/stop
services
for
WAN side?
I dont understant! WHO is (OR CANNOT) pinging 192.168.10.13 or can (OR CANNOT) access the service ? LAN or WAN ?
thanks to all of you...
sincerely yours...
2008/1/24, Alain Spineux aspineux@gmail.com:
On Jan 24, 2008 5:42 AM, Alain Spineux aspineux@gmail.com wrote:
On Jan 23, 2008 9:43 AM, Tolun ARDAHANLI
wrote:
> Hi again to everyone; > > Guys your mails are very nice... i liked all of them... > > let me give you about my system and my need(sorry for writing
these
late)...
> > I've got an IBM x3650 server which is open 7d/24h. It has got
2
ethernet
> card. I would like to connect my LAN to WAN over this
machine...
> > LAN(there are 3machines): > start ip:192.168.10.10 > end ip: 192.168.10.12 > gateway address of users:192.168.10.13(my server's LAN side ip
address)
> LAN side Server ip: 192.168.10.13 > > WAN(this ip comes from behind of swicth. the switch is behind
of
firewall
> and firewall is behind of router): > WAN side Server ip: 10.10.1.223 > gateway address of Server:10.10.1.111 > > this is my network chances...:( i cant change them cause our
company
has
> strong rules for these addresses... I want to share my WAN
side ip
address
> to my LAN side... > > How can I do that on my CENTos installed server? > > thanks a lot to everybody...
The short way, supposing your wan is secure and your wan
interface
is
eth1:
Disable any firewall rules on your centos,
service iptables stop chkconfig iptables off
try these commands, and if this is working put them in your
/etc/init.d/rc.local
# enable forwarding of packet between all interfaces echo 1 > /proc/sys/net/ipv4/ip_forward # config masquerading, any packet leaving eth1 will be
masqueraded,
taking eth1 address for source address. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Another interesting way, is to setup only routing on your centos,
and
add (ask your network manager) the route of your internal network (I guess 192.168.10.8/29 through 192.168.10.13 ) on your firewall and maybe a similar one on your router if the firewall is not doing NAT. Then your firewall administrator can control the access to any of
your
internal machines or make some of them reachable from outside if for example you want to have a web server or an
server (this is not a good idea, but you get the idea). All of this without chnaging anything more on your centos router.
To route packet only, without doing NAT (aka MASQUERADING or
HIDE-NAT)
just use echo 1 > /proc/sys/net/ipv4/ip_forward
Regards
Regards.
> > > > > 2008/1/22, Dennis McLeod <dmcleod@foranyauto.com >: > > > I have an IPcop box setup at work. Using squidguard to keep
customers from
> > surfing porn while they are in our waiting room. (On a
completely
separate
> > DSL connection..) > > > > I have an Astaro Security Gateway setup at home (on a Dell
p3
precision
> > 220). Free home license, do FAR more than your typical
broadband
router.
> Not > > a small learning curve, though. Wireless is through a D-link
DWL-7100(I
> > think) access point in the attic. > > I have a Linksys wrt54g (original version) with openWRT, but
it's
just
> there > > for backup..... > > > > Any of the above will accomplish your goal... > > > > > > > > > > -----Original Message----- > > From: centos-bounces@centos.org [mailto:
centos-bounces@centos.org]
On
> Behalf > > Of Alain Spineux > > Sent: Tuesday, January 22, 2008 6:52 AM > > To: CentOS mailing list > > Subject: Re: [CentOS] How can i share my WAN ip to my LAN? > > > > On Jan 22, 2008 3:17 PM, William L. Maltby <
CentOS4Bill@triad.rr.com>
> wrote: > > > On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote: > > > > On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI < > tolun.ardahanli@linux.org.tr> > > wrote: > > > > > Hi everybody... > > > > > > > > > > How can I share my WAN ip to my LAN? How can I do that
I
really
> > > > > dont know...:( I am using linux long time ago but this
kind I
> > > > > would like to do newly... > > > > > > > > Buy a small router/modem, ask your ISP for suggestions. > > > > This is cheap (<100$), no need to keep your computer
always
turned
> > > > on, very easy to configure if you nead more features
(port
> > > > forwarding for skype, games, p2p, ....), have some
builtint
feature
> > > > (dhcp, DNS proxy). Also think about wireless ...... > > > > This is probably more secure, not because centos/linux
is
not,
but
> > > > because you dont know what you are doing. > > > > > > > > Of course this is less fun > > > > > > Well, I wasn't going to suggest, but since the topic of
alternatives
> > > is open... > > > > :-) > > > > Of course the main idea is to avoid to have a non firewall
dedicated
linux
> > (like centos is) configured by someone without to much
network
knowledge
> be > > in front of Internet. > > > > > > > > If you have an older available computer laying around,
check
out
IPCop
> > > > > > http://www.ipcop.org/ > > > > > > free, has lots of features, runs reliably, I've been on it
for
years,
> > > as have others on this list. Biggest gripe I have is docs
could be
a
> > > little better - they tend to not get updated to stay up
with
the
> software. > > > > > > > > > > > Regards. > > > > > > > > > > > > > > Can anybody help me about IP sharing in Centos? > > > > > > > > > > thanks alot... > > > > > > > > > > > > > > > -- > > > > > Tolun ARDAHANLI > > > > > Bilgisayar Muhendisi > > > > > E-posta: tolun.ardahanli@linux.org.tr > > > > > Icq:326600 > > > > > > > > > >
> > > > > ---------- > > > > > > > > > > Tolun ARDAHANLI > > > > > Computer Engineer > > > > > E-mail:tolun.ardahanli@linux.org.tr > > > > > Icq:326600 > > > > ><snip sig stuff> > > > > > > HTH > > > -- > > > Bill > > > > > > > > > _______________________________________________ > > > CentOS mailing list > > > CentOS@centos.org > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > > > > > -- > > Alain Spineux > > aspineux gmail com > > May the sources be with you > > _______________________________________________ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > > _______________________________________________ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > > > > -- > > > Tolun ARDAHANLI > Bilgisayar Muhendisi > E-posta:tolun.ardahanli@linux.org.tr > Icq:326600 > >
> > Tolun ARDAHANLI > Computer Engineer > E-mail:tolun.ardahanli@linux.org.tr > Icq:326600 > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > >
-- Alain Spineux aspineux gmail com May the sources be with you
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600 _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- Alain Spineux aspineux gmail com May the sources be with you _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tuesday 22 January 2008 14:52:19 Alain Spineux wrote:
On Jan 22, 2008 3:17 PM, William L. Maltby CentOS4Bill@triad.rr.com wrote:
On Tue, 2008-01-22 at 14:49 +0100, Alain Spineux wrote:
On Jan 22, 2008 8:46 AM, Tolun ARDAHANLI tolun.ardahanli@linux.org.tr
wrote:
Hi everybody...
How can I share my WAN ip to my LAN? How can I do that I really dont know...:( I am using linux long time ago but this kind I would like to do newly...
Buy a small router/modem, ask your ISP for suggestions. This is cheap (<100$), no need to keep your computer always turned on, very easy to configure if you nead more features (port forwarding for skype, games, p2p, ....), have some builtint feature (dhcp, DNS proxy). Also think about wireless ...... This is probably more secure, not because centos/linux is not, but because you dont know what you are doing.
Of course this is less fun
Well, I wasn't going to suggest, but since the topic of alternatives is open...
:-)
Of course the main idea is to avoid to have a non firewall dedicated linux (like centos is) configured by someone without to much network knowledge be in front of Internet.
If you have an older available computer laying around, check out IPCop
http://www.ipcop.org/free, has lots of features, runs reliably, I've been on it for years, as have others on this list. Biggest gripe I have is docs could be a little better - they tend to not get updated to stay up with the software.
Regards.
Can anybody help me about IP sharing in Centos?
thanks alot...
-- Tolun ARDAHANLI Bilgisayar Muhendisi E-posta:tolun.ardahanli@linux.org.tr Icq:326600
Tolun ARDAHANLI Computer Engineer E-mail:tolun.ardahanli@linux.org.tr Icq:326600
<snip sig stuff>
HTH
Bill
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Have a look at Smoothwall. Once its set up just keep an eye on the updates, via a web browser. www.smoothwall.org or .com if you want to put your hand inn your pocket.
-
Alain Spineux -
Anne Wilson -
Dennis McLeod -
Guy Boisvert -
John Bowden -
John R Pierce -
Mats Karlsson -
MatsK
-
Tolun ARDAHANLI -
William L. Maltby