ethraza Posted January 22, 2005 Report Share Posted January 22, 2005 Hi! Take a look what I need to do... I need to do a proxy server that will act like that... In a lan with aprox. 50 nodes... When someone come with u notebook and plug this, no mather the OS, he must to be able to use the Internet without configurations cose hin is a ordinary User. And the cool part now... Each one simple cannot see the others. I think in add 50 virtual ips to the Server eth and configure 50 subnets in dhcp. I know that Linux support at least 255 virtual ips on one eth, but I don't know if dhcp will like that. I try this later. But opinions, suggestions and comments are appreciated. Thanx n 1 in advance! Quote Link to comment Share on other sites More sharing options...
ethraza Posted January 23, 2005 Author Report Share Posted January 23, 2005 (edited) Ok, please n 1? I started with problens... I'm having problens with dhcpd.conf ... crazy Edited January 23, 2005 by ethraza Quote Link to comment Share on other sites More sharing options...
Cannonfodder Posted January 23, 2005 Report Share Posted January 23, 2005 Better post that file :) etc/dhcpd.conf Quote Link to comment Share on other sites More sharing options...
ethraza Posted January 23, 2005 Author Report Share Posted January 23, 2005 I did some google search and found that noone knows what is talking about. My last dhcpd.conf : --- ddns-update-style ad-hoc; shared-network 0 { subnet 192.168.0.0 netmask 255.255.255.0 { option broadcast-address 192.168.0.255; } } subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.2 192.168.1.5; option broadcast-address 192.168.1.255; } subnet 192.168.2.0 netmask 255.255.255.0 { range 192.168.2.2 192.168.2.5; option broadcast-address 192.168.2.255; } --- ifconfig : --- eth1 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC inet end.: 192.168.0.1 Bcast:192.168.0.255 Masc:255.255.255.0 endereço inet6: fe80::202:44ff:fe25:c0ec/64 Escopo:Link UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1 RX packets:6718 errors:0 dropped:0 overruns:0 frame:0 TX packets:15975 errors:0 dropped:0 overruns:0 carrier:0 colisões:0 txqueuelen:1000 RX bytes:940656 (918.6 Kb) TX bytes:12740022 (12.1 Mb) IRQ:10 Endereço de E/S:0x2000 eth1:1 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC inet end.: 192.168.1.1 Bcast:192.168.1.255 Masc:255.255.255.0 UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 colisões:0 txqueuelen:1000 RX bytes:0 (0.0 b ) TX bytes:0 (0.0 b ) IRQ:10 Endereço de E/S:0x2000 eth1:2 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC inet end.: 192.168.2.1 Bcast:192.168.2.255 Masc:255.255.255.0 UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 colisões:0 txqueuelen:1000 RX bytes:0 (0.0 b ) TX bytes:0 (0.0 b ) IRQ:10 Endereço de E/S:0x2000 --- service dhcpd start [Failed] syslog : --- dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file dhcpd: Wrote 0 leases to leases file. dhcpd: Interface eth1 matches multiple shared networks dhcpd: dhcpd: exiting. dhcpd: dhcpd inmcio failed --- Why? Quote Link to comment Share on other sites More sharing options...
fissy Posted January 23, 2005 Report Share Posted January 23, 2005 (edited) do you want the proxy server to ask for a username and password or is open access ok? If you want anyone on your network to be able to access the net through the proxy without a password you could redirect outgoing traffic at the router to the proxy server except in the case where the traffic has come from the proxy. Shorewall is good for this. edit; sorry, didn't read the 'cool part' Edited January 23, 2005 by fissy Quote Link to comment Share on other sites More sharing options...
ethraza Posted January 24, 2005 Author Report Share Posted January 24, 2005 Thanks 4 the reply but I know do a proxy server, my problem is with the DHCP server and the "Cool Part". I googled this and I think that is is poorly documented. This make the things more complicated. If some one know a good documentation for the DHCP can be a good start. THX Quote Link to comment Share on other sites More sharing options...
Draco Araurlis Posted January 24, 2005 Report Share Posted January 24, 2005 The documentation available on the net for DHCPd is, as you say, mediocre at best. Even on the development website - but you can buy the book. http://www.isc.org/index.pl?/sw/dhcp/ Quote Link to comment Share on other sites More sharing options...
ethraza Posted January 25, 2005 Author Report Share Posted January 25, 2005 If is usefull 4 n 1: To resolve my won problem the only thing to undestand is that a shared-network statemant refers to a ethernet and not for an IP, so if all virtual IPs are in one ethernet, all configs of subnets must come inside a shared-network statement that refers to the phisycal ethernet. Quote Link to comment Share on other sites More sharing options...
Guest dhanraj sheth Posted February 25, 2005 Report Share Posted February 25, 2005 hi you don't want any user to see other user on the network or what ?? well as you said you also wanted to do that with DHCP well if the answer of my question is "YES" then do this: give ip to every user with subnet 255.255.255.252 in that manner with each ip allocated to a machine on your network another 3 ip will be lost and then configure the firewall as said by 'fissy' with "shorewall" and block all the loc to loc file sharing and netbios on the network well for this setup Evey users Gateway will be diffrent and will be bind with virtual interface on the Server which in term will be Gateway and each ip you add the route should also be added so that the user should be able to surf the web. if your answer is "NO" then please explain in simple language. Thanks, Dhanraj sheth Quote Link to comment Share on other sites More sharing options...
ethraza Posted March 14, 2005 Author Report Share Posted March 14, 2005 Is this! (Yes is the right answer.) Thanks 4 the reply, I will need this soon. Quote Link to comment Share on other sites More sharing options...
ethraza Posted March 23, 2005 Author Report Share Posted March 23, 2005 With this part solved, the 'big net saga' continues on: http://mandrakeusers.org/index.php?showtopic=23962 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.