zhex900 Posted December 23, 2004 Report Share Posted December 23, 2004 I have spent a few hours looking at google.groups to figure out how to setup a gateway & firewall on my mandrake 10 box. Here is what I want. Internet --- Cable modem --- Linux box --- Router --- Any clients. 1) Just to get the Linux box to forward packets. 2) The most important function I want my Linux box to do, is monitoring and restricting how much each client in the internal network are able to download. This can be done using Squid right? Is this the easiest way? 3) After I get the above working, I can play around with firewall, email, ssh, ... etc Can someone point to me to a place where I can familiarise of how to get my gateway running. The current configuration is this. Internet --- Cable moderm --- Router --- Clients (Window and Linux machines) My Linux box have two NICs. Eth0 is up and running nicely. I haven’t try to setup eth1 yet. (I am kind of scared of setting up eth1, I'll probably run in trouble again). :deal: Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 23, 2004 Report Share Posted December 23, 2004 I'd start by setting up eth1 as an internal network.... at this point keep a different IP range to eth0 and noone can get out. In order for them to get out you need to explicitly routre across the two networks and its much simpler using two NIC's (not to mention more efficient)... I would recommend choosing a firewall like guarddog/shorewall etc. whatever you do choose one with good documentation and read it. Dump the mandrake config for shorewall (if you choose it) unless its changed since last time and follow the two NIC getting started on the shorewall site... Its actualy ridiculously easy once you have 2 working networks and you follow the step by step config in the shorewall site.... Start off and just choose a new IP range (a RFC one) for the inside network since eth0 is prob getting its IP from the router along with the others... I would have Internet---cable--eth0---linux server---router---clients where eth1 would be another client with dhcp from the router .... OR disable the dhcp sderver on ther modem and do it from the linux box... once you have this set up and working then squid should do what you want... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.