Very Computer

I want my LAN to have access to the internet through a LINUX server.
I've been searching for days, literally, and I cannot find a simple
answer to my question. I feel really stupid and vulnerable asking
because I've heard horror stories about how impatient LINUX people
get when they have to deal with someone that doesn't already know
lots and lots about the system, but here goes.

What do I need to forward TCP/IP traffic from one ethernet card on a
LINUX server to another?
eg:  cable modem -->ethernet0 on LINUX route to ethernet1 on LINUX
--> LAN

I already have two cards and a simple routing table. The LAN can
ping BOTH ethernet cards on the server but we can't get to the
internet! The LINUX server can reach the internet just fine. What do
I need to do to get ethernet0 and ethernet1 to transmit packets back
and forth?

Thanks a bunch to whoever takes the time to respond.

--
Andy Block
CGS Systems
(734) 668-0222

Quote:> I want my LAN to have access to the internet through a LINUX server.
> I've been searching for days, literally, and I cannot find a simple
> answer to my question. I feel really stupid and vulnerable asking
> because I've heard horror stories about how impatient LINUX people
> get when they have to deal with someone that doesn't already know
> lots and lots about the system, but here goes.

When you are ready, use the Firewall Design Tool on that site
<http://www.linux-firewall-tools.com/linux/firewall/index.html>
to build your firewall script.

You end up with an excellent firewall designed by Robert Ziegler,
author of "Linux Firewalls", in a minimum of time.

Rick Matthews

--
Thought for the day:
http://mysite.directlink.net/matthews/smiles/started.htm

Hi!,

Quote:> I want my LAN to have access to the internet through a LINUX server.
> I've been searching for days, literally, and I cannot find a simple
> answer to my question. I feel really stupid and vulnerable asking
> because I've heard horror stories about how impatient LINUX people
> get when they have to deal with someone that doesn't already know
> lots and lots about the system, but here goes.

> What do I need to forward TCP/IP traffic from one ethernet card on a
> LINUX server to another?
> eg:  cable modem -->ethernet0 on LINUX route to ethernet1 on LINUX
> --> LAN

> I already have two cards and a simple routing table. The LAN can
> ping BOTH ethernet cards on the server but we can't get to the
> internet! The LINUX server can reach the internet just fine. What do
> I need to do to get ethernet0 and ethernet1 to transmit packets back
> and forth?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Thanks so much for replying to my question. I'll check out the info and
I'm confident I'll be able to make it work, but; do I have to run a
firewall? Is there any way to just forward everything blindly? What I'm
getting at is, what is the mechanism by which ip traffic is forwarded?
Does routing alone take care of this, or is another service needed to hand
things back and forth between one subnet and the other? I thought a
properly configured routing table would move things around all by itself.

Thanks again for helping,

Andy Block
CGS Systems
(734) 668-0222

You are one busy beaver. I mut have seen your name at least a dozen times while I
was searching for answers. As I stated to an earlier respondent  -  I'll check out
the info and I'm confident I'll be able to make it work, but; do I have to run a
firewall? Is there any way to just forward everything blindly? What I'm getting at
is, what is the mechanism by which ip traffic is forwarded? Doesn't routing alone
take care of this, or is another service needed to move things around? I thought
the routing table alone would do it. (Not the table itself of course, but the
routing in conjunction with the info in the table.) Does it?

Thanks again for for your help,

Andy Block
CGS Systems
Ann Arbor, MI US
(734) 668-0222

Correction to the above message.

The line that reads: I'll check out ... do I have to run a firewall?
Should read: I'll check out ... do I have to run ipchains?

Sorry & Thanks,

Andy Block
CGS Systems
(734) 668-0222

In your current setup, the computers trying to access the Internet are
using private IP's (not routable on the Internet) rather than routable IP's.

Because of this, you'll either have to use a proxy server like dante
(SOCKS), or squid (HTTP). SOCKS proxies are the best solution for the
applications that support it, like some internet instant messaging
programs, internet phones, and streaming media.

For web browsing, a HTTP proxy like squid is a better solution for web
browsing. Running squid will improve your web speed, as the most often used
web pages are "cached" by the proxy server, so that popular web pages don't
need to be got from the internet every time.

Often though, there are applications which work neither with HTTP proxies
nor SOCKS proxies. Then it's good to set up IP masquerading as well. IP
masquerading takes outgoing internet traffic, and changes the IP address to
it's own IP address, thereby enabling communication. This works with many
applications without special setup, but some do get problems, especially
those requiring bidirectional communication, like servers and internet
phones.

You may also want to set up a caching DNS server to lessen the outbound
load for DNS. This will also improve performance significantly.

Here are some helpful addresses:

Google, a great general search engine
http://www.google.com/

The Linux IP Masquerade HOWTO
http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html

Information about the dante SOCKS proxy
http://www.inet.no/dante/

Information about squid, a caching HTTP proxy
http://www.squid-cache.org/

The Linux DNS HOWTO
http://www.linuxdoc.org/HOWTO/DNS-HOWTO.html

Good luck and have a nice day :)

--

Quote:>I've been searching for days, literally, and I cannot find a simple
>answer to my question.

Quote:>I feel really stupid and vulnerable asking
>because I've heard horror stories about how impatient LINUX people
>get when they have to deal with someone that doesn't already know
>lots and lots about the system, but here goes.

Quote:>What do I need to forward TCP/IP traffic from one ethernet card on a
>LINUX server to another?

IP forwarding enabled and IP masquerading setup and running.

Michael
--

          Lumber Cartel Unit #456 (TINLC) & Official Netscum
    Note: If you want me to send you email, don't munge your address.

Hi!,

Quote:> You are one busy beaver. I mut have seen your name at least a dozen times
> while I was searching for answers. As I stated to an earlier respondent  -  
> I'll check out the info and I'm confident I'll be able to make it work,
> but; do I have to run a firewall?

Quote:> Is there any way to just forward everything blindly? What I'm getting at
> is, what is the mechanism by which ip traffic is forwarded? Doesn't routing
> alone take care of this, or is another service needed to move things
> around? I thought the routing table alone would do it. (Not the table
> itself of course, but the routing in conjunction with the info in the
> table.) Does it?

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

Thursday August 16 2001 09:25, Andy Block wrote to All:

 AB> What do I need to forward TCP/IP traffic from one ethernet card on
 AB> a
 AB> LINUX server to another?
 AB> eg:  cable modem -->ethernet0 on LINUX route to ethernet1 on LINUX

Get FREESCO from http://www.freesco.org, and you'll be up in 15
minutes! :)

 KS

   KARICO Business Services
   Toronto, ON Canada
   http://www.karico.ca