a basic guide for idiots?

I have two pcs networked over win98se to a common broadband cable
router.

I am struggling to get linux set up as the preferred os on both
machines. For most tasks, all is well.

But I simply can't fathom linux networking. I tinker with the ethernet
addresses till the cows come home - and sstill mandrake 9.1 won't
'see' the other computer.

I've searched and searched for simple, idiot proof guides to
networking for linux to no avail. I expect my brain is too dulled by
staring at screens to cope.l

Is there a simple, hands-on steo by step guide to setting up a linux
network please?

And - before I get too involved - there seems to be no indication in
the various support centres that linux supports either SiS or Realteck
NIC cards. So am I wasting my time altogether?

In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> I have two pcs networked over win98se to a common broadband cable
> router.
>
> I am struggling to get linux set up as the preferred os on both
> machines. For most tasks, all is well.
>
> But I simply can't fathom linux networking. I tinker with the ethernet
> addresses till the cows come home - and sstill mandrake 9.1 won't
> 'see' the other computer.
>
> I've searched and searched for simple, idiot proof guides to
> networking for linux to no avail. I expect my brain is too dulled by
> staring at screens to cope.l
>
> Is there a simple, hands-on steo by step guide to setting up a linux
> network please?
>
> And - before I get too involved - there seems to be no indication in
> the various support centres that linux supports either SiS or Realteck
> NIC cards. So am I wasting my time altogether?
>
Links:

http://www.oreillynet.com/linux/cmd/ command summary
http://www.math.uni-bonn.de/intern/docs/linux1.pdf most common commands
summary by Darcy O'Neil (3 pages, 33.3KB download)
http://www.mandrakeuser.org/index.php Mandrake User Org.
http://www.tldp.org/ Linux Documentation Project
http://rute.sourceforge.net/ downloadable Linux Manual
http://homepage.ntlworld.com/alex.ba...drake-faq.html aolm FAQ
http://www.mandrakeuser.org/docs/connect/cmlan.html LAN theory
http://www.linuxhomenetworking.com/ linux home networking
http://www.mozillaquest.com/Linux02/...k_Neighborhood
_Story-01.html setting up LinNeighborhood

Samba:
http://www.samba.netfirms.com/ Easy setup guide
(this my site)

Samba (Windoze Networking/Printing):
Downloadable Samba manual just search for sambapdf.zip if not at
http://funredes.org/ftp/Linux/

--
Regards,
Mark

Samba Setup Guide: www.samba.netfirms.com
My gpg public key: www.samba.netfirms.com/gnupg/gpg_public.asc

HowburyPete!

HowburyPete wrote:
>
> I've searched and searched for simple, idiot proof guides to
> networking for linux to no avail. I expect my brain is too dulled by
> staring at screens to cope.l
>
> Is there a simple, hands-on steo by step guide to setting up a linux
> network please?

Be happy >> I'm going through the same phase <<

Perhaps two dummies together make a decent user ;-)

Open a console and as root do these two things:
1: cat /proc/sys/net/ipv4/ip_forward
if 0 comes out do
echo "1" > /proc/sys/net/ipv4/ip_forward

2. (assuming your system has either ip_tables compiled in the kernel
or loaded as a module)
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

^eth0 ecause that is the
interface connected to the internet. YMMV.

Now try a to ping from a windooze box (there is a command line
interface, in older versions MS-DOS, newer versions it is called
cmd). You should get the reply from the linux box.

Now set the linux box address as the gateway for your winbox.
now try to ping something in Internet. It should work.

For the more experienced:
I'm stuck beween this naive approach and a simple but still not
so foolish iptables script which I can keep on editing to get
something reasonable and which I understand.

Could you people give me a hint?

Thanks for all the help!!

Arun.
--

:: HowburyPete <(E-Mail Removed)>
:: I have two pcs networked over win98se to a common broadband cable router.

I assume this means there are three machines total, one of which is running
win98se and sharing access to a cable modem to the others. I assume that
because if you had a cable *router*, you wouldn't be networking
"over win98se".

:: I simply can't fathom linux networking. I tinker with the ethernet
:: addresses till the cows come home - and sstill mandrake 9.1 won't
:: 'see' the other computer.

Well, if you had a cable router, you'd simply set both machines
to aquire their addresses automatically via DHCP, and let the
router hand out IP, netmask and gateway, all compatibly. Then
just plug your three machines into the cable router (that is
assuming it's the usual variety with a 4-port switch built in),
and the router into the cable modem, and there you go. Plug
it together, turn it on, and away you go.

If you really want to share the internet access via a win98se machine,
then you'll have more complicated things to deal with, depending on the
product you're using for shared access. But ignoring that for a moment,
and presuming you have a hub or switch into which you plug your two
linux machines, then you simply choose a subnet and two IPs on that
subnet (eg, 192.168.1.5 for one, and 192.168.1.6 for the other, and
255.255.255.0 for the netmask), bring up the machines, make sure their
firewalls allow access, and they should see each other, eg, via ping
and via any services you have started. It's really just that simple.

The rest of the complictaion is in what services to offer; eg, making
filesystem visible between the two linux systems involves setting
up nfs, and arranging to export and mount corresponding entries
on the two machines; on the other hand, you could start ssh services,
which would allow you to log into each machine from the other.
And of course, samba for interaction with any win98se machine
on the same net.

So. Unless you describe just *what* *kinds* of problems you are having,
and what things you've tried, it's hard to point to anything but generic
HOWTO files or textbooks.

: Arun Dev <(E-Mail Removed)>
: Open a console and as root do these two things: 1: cat
: /proc/sys/net/ipv4/ip_forward if 0 comes out do echo "1" >
: /proc/sys/net/ipv4/ip_forward [etc, etc]

That would be if the linux systems needed to do IP forwarding.
Which I don't see a cause for, unless the idea is to replace the
win98se internet sharing with the linux version. Which again,
points to the need to state a bit more precisely what you want
to accomplish, and what you've tried so far.

: For the more experienced: I'm stuck beween this naive approach and a
: simple but still not so foolish iptables script which I can keep on
: editing to get something reasonable and which I understand.

Well, other than just "look for iptables HOWTOs, textbooks,
and examples on the net", not much can be said unless you state
a bit more about what you're trying to accomplish. The first thing
you should look into is adding a firewall to the ouside access; there
are many ways of doing this. I must admit I myself am still stuck
in the mire of ipchains for my firewall... oh well. One script
that was given to me to start with is this

#!/bin/sh

case "$1" in
start)
echo "entering paranoid firewall mode"
ipchains -F input
# We trust ourselves, so allow anything in sent to the loopback address
ipchains -A input --interface lo -j ACCEPT

# Allow ICMP, but not redirects
ipchains -A input -p ICMP --icmp-type redirect -j DENY
ipchains -A input -p ICMP -j ACCEPT

# Allow packets from the DNS port
ipchains -A input -p UDP --source-port 53 -j ACCEPT

# block all protocols except TCP
ipchains -A input -p \! TCP -j DENY

# block TCP syns
ipchains -A input -p TCP --syn -j DENY
;;
stop)
echo "exiting paranoid firewall mode"
ipchains -F input
;;
*)
echo "Usage: paranoid [start|stop]"
exit 1
esac

exit 0

which I still use (with a few alterations) on my laptop, turning
on paranoid mode when I'm accessing things from an untrusted net,
and turning it off so I can remotely log in and such when I'm on
a trusted net. But again... it's still using ipchains. You can
update it to iptables use. The virtue in it is that it's very
simple and easy to understand, yet real-world enough to be useful.
It doesn't follow the most paranoid conventions (ie, deny everything
and make all other rules selectively accept things is a common
rule, but the above isn't that paranoid), but as I say: it's
simple and an interesting place to start.

Ah well. Hope this helps, and isn't too elementary or misleading.


Wayne Throop (E-Mail Removed) http://sheol.org/throopw

Hi

Wayne Throop wrote:
> :: HowburyPete <(E-Mail Removed)>
> :: I have two pcs networked over win98se to a common broadband cable router.
>
> I assume this means there are three machines total, one of which is running
> win98se and sharing access to a cable modem to the others. I assume that

You are right!
The correction to my previous mail is simply:
instead of a crossover cable he needs a hub or a switch for his LAN.

> : For the more experienced: I'm stuck beween this naive approach and a
> : simple but still not so foolish iptables script which I can keep on
> : editing to get something reasonable and which I understand.
>
> Well, other than just "look for iptables HOWTOs, textbooks,
> and examples on the net", not much can be said unless you state
> a bit more about what you're trying to accomplish. The first thing
> you should look into is adding a firewall to the ouside access; there
> are many ways of doing this. I must admit I myself am still stuck
> in the mire of ipchains for my firewall... oh well. One script
> ...

I need something similar for iptables.

For my adhoc needs the naive setup was sufficient. It is my junior
who is determined to build a 3-homed host for his school with DMZ
etc. and keep on asking me difficult quesions

Anyway with the help of Mick Bauer: Building Secure Servers with Linux,
O'reilly we've developed a script which can be used to try out various
rules. It is a bit too long for the NG, if there is general interest
I can document it better and put online.

> Ah well. Hope this helps, and isn't too elementary or misleading.

It helped for sure! Thanks!!

Arun