Newbie network question

Newbie network question

Post by jean christophe godefro » Sun, 31 Dec 1899 09:00:00



Hi,

I am new to network management and i would like to set the following
network :
Pichu :  main server
several clients esteban, zia, chaton running w95, w 2k and linux

Pichu uses ppp to connect to the internet, and i would like to
share the connection with the others clients
I would also like to set  Pichu as the DNS for my
local network.

Could you indicate me the corresponding howto's or
"gpl" software i should use in order to set my network ?

Thanks in advance.

--
Jean Christophe Godefroy

 
 
 

Newbie network question

Post by Mice » Sun, 31 Dec 1899 09:00:00


If Pichu is a Linux box then you can place your ISP's nameserver addresses
into "/etc/resolv.conf" so that clients getting onto the net will have name
resolution and so that your Linux box will have name resolution, (The squid
proxy server reads and caches the nameserver addresses at startup and does
not need resolv.conf thereafter). Then you should set up a ppp dialing
script (or scripts) in your Linux startup so that every time you boot you
get a connection to the internet. There are some good scripts that come with
RedHat - just do a "locate ppp" to find them. They will be "ppp-on",
"ppp-off", etc, etc. They have to be modified very slightly to have your
username and password for connecting to your ISP, as well as a few
characters from your ISP's PPP-prompt string. Then you could permit any
clients to have access to the internet via the Linux box by either using a
proxy or NAT.

To use a proxy download the latest STABLE version of the squid proxy server
from www.squid-cache.org. Also print the FAQ and manual. It takes a while to
get familiar with it. Build it, then modify the squid.conf file to contain
your own desired settings. Modify permissions to various Linux directories
as suggested in the squid manual (for security). Place a command in your
Linux startup script to start squid once the PPP connection has had time to
complete. For example:

"( sleep 30 ; /usr/local/squid/bin/squid ) &"

The above command should follow the PPP connection in the script so that
squid starts when a valid PPP connection to the ISP exists. If you use port
8080 for squid then you will want to configure Internet Explorer (or
Netscape, or whatever) at each client PC to use a "proxy server" on the LAN.
Specify the network address of the Linux box as the proxy, on port 8080.
This works fine for me and for a company I work for. If you want to have
authentication for your clients, (ie: have certain clients be able to access
everything and others only be able to access a limited number of pages) then
you need to also use PROXY_AUTH in conjunction with SMB_AUTH (uses SAMBA
client utilities). Download this at
www.hacom.nl/~richard/software/smb_auth.html. This will permit you to have
various NT clients authenticate themselves to squid before being allowed out
onto the net. Works great. Finally, if you want reports on who is using
which web pages and for how long (say once a week or so) then use sqmgrlog
from http://web.onda.com.br/orso/. Also works great. You need to set up a
sqmgrlog.conf file to control the options in it.

However, there is another way, using NAT (Network Address Translation), and
it is easier than figuring out squid. Just use the ipchains command that is
built into RedHat Linux. Using the FORWARD and MASQ options you can have the
Linux box accept all incoming requests from your clients to the internet,
replace the source address in each packet with the ISP-assigned Linux-box
internet address, and then forward the packets to the internet. Works great
for me. Very little setup required. Caution: in recent versions of the Linux
Kerneal forwarding is turned off by default, so in your script that starts
ipchains you should also place the command:

"echo 1 > /proc/sys/net/ipv4/ip_forward"

I don't know how to make the setting permanent, so putting this in your
script causes it to happen every time you start the firewall, which is
probably every time you boot.

To have a DNS server there would be no problem using the Linux box, but be
prepared, all of the above takes time to figure out and get working.

Good luck, you'll need it.

Micer



Quote:> Hi,

> I am new to network management and i would like to set the following
> network :
> Pichu :  main server
> several clients esteban, zia, chaton running w95, w 2k and linux

> Pichu uses ppp to connect to the internet, and i would like to
> share the connection with the others clients
> I would also like to set  Pichu as the DNS for my
> local network.

> Could you indicate me the corresponding howto's or
> "gpl" software i should use in order to set my network ?

> Thanks in advance.

> --
> Jean Christophe Godefroy


 
 
 

1. Newbie networking question-firewall

I have a cable modem attached to the uplink of a netgear 10/100 hub
(uplink switch in "Normal" position" and all is well.  I am running a
Mandrake box with a firewall and proxy server which works fine so long
as the modem is plugged into the hub and not directly into the
firewall box.  It seems to me that the correct way to connect would be
cable modem to WAN NIC in firewall box and LAN NIC to hub for the rest
of the network.  When I do that, the other boxes can't see the
Internet.  Any suggestions warmly accepted.  Please reply to list or
replace warmmail with you know what in my email address.  TIA

2. Etymology of "grep"

3. Newbie network question

4. HP820cxi

5. newbie network question

6. Apache on DG UX

7. NEWBIE network question.

8. Untaring from Tape created with AIX problem....

9. Newbie Network questions

10. Newbie Network Question...

11. Newbie network question.

12. Newbie networking question

13. Newbie Network Question