Linux as a gateway in a LAN

Hello, I have a small LAN and an ADSL connection to the Internet, I would
like to install Linux (I am thinking in Fedora Core 3) in the machine
where I have the ADSL connection, and make the other PC's connect to the
Internet htrough this machine. I think I need to install and configure in
that machine, DHCP and NAT, I don't know if I would need something else,
like some Firewall capabilities. I am a new linux user so I basically
would like to know about a good tutorial about how to configure this
stuff, or good tools or programs to do it, and of course advise about
which are the possible alternatives to do it.


Thanks !


Daniel Camps

On 2004-11-28, Daniel Camps <(E-Mail Removed)> wrote:
> where I have the ADSL connection, and make the other PC's connect to the
> Internet htrough this machine.

Read the home-networking-howto.
Davide

--
life suddenly made much more sense, the day i fully grokked that
people are stupid.
-- Frank Sweetser

In article <(E-Mail Removed)> ,
(E-Mail Removed) (Daniel Camps) writes:

> Hello, I have a small LAN and an ADSL connection to the Internet, I
> would like to install Linux (I am thinking in Fedora Core 3) in the
> machine where I have the ADSL connection, and make the other PC's
> connect to the Internet htrough this machine. I think I need to
> install and configure in that machine, DHCP and NAT, I don't know
> if I would need something else, like some Firewall capabilities.
> I am a new linux user so I basically would like to know about a
> good tutorial about how to configure this stuff, or good tools or
> programs to do it, and of course advise about which are the possible
> alternatives to do it.

You'll need DHCP and NAT on the ADSL connection: DHCP because your
ISP uses it, and NAT so that your ISP will think there's only one
machine connected. On the LAN side of the machine it doesn't matter;
my LAN uses static addresses (192.168.0.x) and lets the gateway box
figure things out if I'm talking to the outside world.

But you _definitely_ need firewall capabilities. This is _not_ an
option; there are a lot of nasties out there who are trying hard to
break into your network. I'm using a dedicated box running OpenBSD's
packet filter (pf), but there are Linux equivalents you can use.
I'm blocking probes every few of minutes from all over the world,
usually on ports 135 and 445 but I've got everything locked down
pretty tightly. I made the mistake of connecting my wife's Win98
laptop directly to the ADSL modem - she was infected in 10 minutes.
Linux boxes aren't nearly as vulnerable, but you still don't want
to take chances.

_Don't_ connect your LAN to the Internet without a firewall.

--
/~\ (E-Mail Removed)lid (Charlie Gibbs)
\ / I'm really at ac.dekanfrus if you read it the right way.
X Top-posted messages will probably be ignored. See RFC1855.
/ \ HTML will DEFINITELY be ignored. Join the ASCII ribbon campaign!

In article <(E-Mail Removed)> , Daniel Camps wrote:

>Hello, I have a small LAN and an ADSL connection to the Internet, I would
>like to install Linux (I am thinking in Fedora Core 3) in the machine
>where I have the ADSL connection, and make the other PC's connect to the
>Internet htrough this machine.

Common enough task. In Linux, we have these documents called HOWTOs that
discuss these kind of things. As you probably haven't installed yet,
wander over to

http://en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html

where you will find among other things:

684614 Nov 9 2003 IP-Masquerade-HOWTO
17605 Jul 21 22:32 Masquerading-Simple-HOWTO
287057 Jul 23 2002 Security-Quickstart-Redhat-HOWTO

45620 Jul 10 2000 Networking-Overview-HOWTO
71626 Apr 4 2004 Unix-and-Internet-Fundamentals-HOWTO

>I think I need to install and configure in that machine, DHCP and NAT, I
>don't know if I would need something else, like some Firewall capabilities.

DHCP is used when your systems are not configured manually. It just means
that you have to configure a server to hand out addresses, rather than
each host to have a fixed address. It also may complicate hostnames
unless you reserve IPs for a specific MAC address (which complicates the
setup). There is a mini-howto on setting up DHCP.

>I am a new linux user so I basically would like to know about a good
>tutorial about how to configure this stuff, or good tools or programs to
>do it, and of course advise about which are the possible alternatives to
>do it.

The HOWTOs are a good starting place (there are over 480 of them), and
there are some free books as well.

http://tldp.org/guides.html

Old guy

Charlie Gibbs wrote:
> In article <(E-Mail Removed)> ,
> (E-Mail Removed) (Daniel Camps) writes:
>
>
>>Hello, I have a small LAN and an ADSL connection to the Internet, I
>>would like to install Linux (I am thinking in Fedora Core 3) in the
>>machine where I have the ADSL connection, and make the other PC's
>>connect to the Internet htrough this machine. I think I need to
>>install and configure in that machine, DHCP and NAT, I don't know
>>if I would need something else, like some Firewall capabilities.
>>I am a new linux user so I basically would like to know about a
>>good tutorial about how to configure this stuff, or good tools or
>>programs to do it, and of course advise about which are the possible
>>alternatives to do it.
>
>
> You'll need DHCP and NAT on the ADSL connection: DHCP because your
> ISP uses it, and NAT so that your ISP will think there's only one
> machine connected. On the LAN side of the machine it doesn't matter;
> my LAN uses static addresses (192.168.0.x) and lets the gateway box
> figure things out if I'm talking to the outside world.
>
> But you _definitely_ need firewall capabilities. This is _not_ an
> option; there are a lot of nasties out there who are trying hard to
> break into your network. I'm using a dedicated box running OpenBSD's
> packet filter (pf), but there are Linux equivalents you can use.
> I'm blocking probes every few of minutes from all over the world,
> usually on ports 135 and 445 but I've got everything locked down
> pretty tightly. I made the mistake of connecting my wife's Win98
> laptop directly to the ADSL modem - she was infected in 10 minutes.
> Linux boxes aren't nearly as vulnerable, but you still don't want
> to take chances.
>
> _Don't_ connect your LAN to the Internet without a firewall.
>
> --
> /~\ (E-Mail Removed)lid (Charlie Gibbs)
> \ / I'm really at ac.dekanfrus if you read it the right way.
> X Top-posted messages will probably be ignored. See RFC1855.
> / \ HTML will DEFINITELY be ignored. Join the ASCII ribbon campaign!
>
will he not have to have 2 nics also ? One going to the ADSL and the
other out to his lan ?



================================================
FindMoore.Net~Finding Your Place on the Web!
http://findmoore.net
Linux Registered User #188968
================================================