Very Computer

Hello,

        Brief summary of my h/w config for reference:

        LINUX BOX - RH 7.0(2.2.16-22) Sevrver with WWW and DNS selected.

                A) P233 - 64Mb - 13Gb - ONLY LINUX
                B) ETH0 - 192.168.100.200 - 255.255.255.0 - 3C90x
                C) ETH1 - DHCP(66.189.99.191) - NE2K-P1

                        One of my windows boxes:

                Dell Dimension 4500 - P4-2Ghz - 512Mb - 40Gb -
                Realtek Card - 192.168.100.202 - Gtwy:192.168.100.200

                PIII 550 - 512Mb - 30Gb - Netgear Card - 192.168.100.201
                Gtwy:192.168.100.200
        I live in Central Massachusets and my cable provider is Charter..

        What is my problem? I can not get the windows machines to
        connect to the internet via the Linux box. They can ping ea other,
        win <-->linux.

        What have I done in terms of research/configuration:

        I read and applied part if not most of the following docs: DHCP mini,
        troubleshooters.com IP Forwarding and DHCP info, CABLEModem How-to
        Ethernet HowTO..blah blah several others. Hopefully you see I have
        tried to do some homework..

        'Ifconfig -a' sees both cards as listed at the top with all of the
        other info ifconfig provides.
        I can access the internet with the Linux box.

        I did not fully install the DHCP server(dhcp-3.0.1rc10.tar.gz)
        since I noticed that the windows boxes could not get out.

        Here are some of my questions.
        Do I need to setup LINUX as a DNS server?
        In my ifcg-eth1 do I need to add my node name as the DHCP_HOSTNAME?
        In /etc/sysconfig/network which gateway should I enter there,
        I assume the external address? and should I have the gatewaydev
        as eth1 or eth0?
        I am a little confused with the domain name vs node name. Is
        the node name my computer name or ma.charter.net? What would my
        domain name be cptrnm.ma.charter.net?

Ray

No need to build your own name server.

Quote:>    In my ifcg-eth1 do I need to add my node name as the DHCP_HOSTNAME?

Each ISP is different, however with mine I needed only to specify proto was
dhcp. Some do require you to specify host named. Experiment by verifying that
the router/firewall can communicate externally/internet. If so, you should be
fine.

Quote:>    In /etc/sysconfig/network which gateway should I enter there,
>    I assume the external address? and should I have the gatewaydev
>    as eth1 or eth0?

Which nic is used for external communication is not important, but you do need
to know which is the external (DHCP) before writing iptables or ipchains
rules. The external interface will be assigned its gateway via your ISP's dhcp
server. Your masqueraded hosts will be assigned the internal interface on the
router as their gateway.

Quote:>    I am a little confused with the domain name vs node name. Is
>    the node name my computer name or ma.charter.net? What would my
>    domain name be cptrnm.ma.charter.net?

As I recall node is synonymous to host. Been a while since I have heard that r
eference, so I may be mistaken. If you can provide context, I could clarify.

Quote:> Ray

NOTE:
A common error I have found is not enabling forwarding and degramentation of
packets. The later is required for masquerading and may be enabled in a script
or /etc/sysctl.conf.

Also, a useful tool in diag/trouble-shooting is ethereal or ethereal-gnome.
Both are stock packages in more recent versions of Red Hat.

--
Richard Harmonson
Certified Systems Engineer
http://www.kinetotech.com/richard/

Dave and Richard..

Thank you very much for your assistance. I have just finished setting
it all up. 1 linux(RH 7.0) fw/gtwy with masq/ipchains and three
windows clients. All can connect and see each other. Several online
port scanners can not get in!!! YEA YEA!!

I did reinstall everything with a custom config. I then manually set
the ip's of the windows and the internal nic for the Linux box also
the gateways and DNS ips. Since I had some time to surf while at work
and I found this NIFTY app at www.pointman.org(pmfirewall) which walks
one thru creating the rules, masq and what not for Linux!! Now I can
sit bk take some time reviewing all of the rules it put in place, to
attempt and understand them so I can reconfig at my own speed!!

Once again thanks it was a matter of configuring the ipchains and masq
as you both had suggested.Got to love the internet and a little
research time..

Ray

BTW: it is 2:46am EST 12/4/02, darn time does fly. I started this all
around 11pm.. ;-)

Ray