Jump to content

Firewall + Internet Connection Sharing


Recommended Posts

Ok so here's my proposed setup.


[internet]--->[cable modem]--->[firewall/ICS machine]--->[hub]====>[4 other PC's]


Firewall/ics machine is running mandriva 2006 and has 2 NIC's. Now I understand the whole setup, but since my PC's are getting their IP's assigned by the ICS machine, does this interfere with any internet software such as bittorrent, limewire, amsn, etc etc? Because as far as I can tell, the outside world will only be able to see one PC(my ICS machine).


And how can I directly connect to one of my PC for using a remote desktop app for example from the internet, it doesn't have an IP on the internet side does it? Say for example I'm at work and I want to connect to one of my PC's either with ssh or whatever and I need it's IP, how would I connect to it if it's IP is say static assigned IP on my internal LAN).


I hope you understand my question, if you don't I can clairify some more.


Thanks in Advance!



Link to comment
Share on other sites

Very clear writeup! Good job. ;)


If that machine connected to the cable modem is set up as a router with NAT (network address translation), then I think you're ok.


Regarding your second question, you would need to do port forwarding. For example, I have a Linksys router and the configuration screens allow me to forward incoming traffic for specified ports to a specified machine on my network. So yes, you have only one IP address visible to the outside world, but your router setup can forward any traffic to a specified machine on your network. Of course, there are lots of security issues regarding all this, so you will need to bone up on that as well.

Link to comment
Share on other sites

Ok great. So what's the package called for using NAT?


Now, for the port forwarding, let me know if I have this right (just using random IP's and ports here).


My ICS machine's IP is and "PC1" on my LAN is So, if I want to connect to port 25 on PC1, then I can setup something so that if I connect to say ICS machine) it will forward it to go to my PC1's IP @


So this setup would mean that if the ICS machine gets a connection to it's port 1025 it will forward it to on port 25(or whatever I choose)? And I can make as many of these rules as I want?


Thanks a million.



Edited by alkeli
Link to comment
Share on other sites

Here's a reference to setting this up using Mandriva's standard Shorewall firewall product.




Be sure to check out additional info via the links at the Shorewall home site:




Note that there are references for both version 2 and version 3 of Shorewall.


Yes, I think you understand the ideas well.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...