PeterPanic Posted September 2, 2003 Report Share Posted September 2, 2003 Hi! I hope this question isn't stupid: Is it reasonable / possible to have the Windows 9x-Clients in my LAN get their own mails on their own? I've got Samba running for the File Serving, Squid for Getting the Clients online via my Linux-Server (DSL)... Was hard enough to configure this. Now I know I could use PostFix to get the Mails to the Server and then have the Clients get them from the Server... And send Mail the same way. But: ... Can't I just forward/route through Ports 25 and 110 so that the Windows9x-Clients can just get their Outlook Express Mails on their own (using the internet connection they also use for browsing on port 3128 / 1080 by squid) ? Formerly I used JanaServer 1 and 2 on Windows Servers ... There was a topic called "Extra Server" which "routed" ports from the clients to the Internet... Hmmm... What do you think? (I'm not THAT good in Linux Networking yet, as the better ones of you might have noticed :wink: ) Thanks in advance PeterPanic Quote Link to comment Share on other sites More sharing options...
MottS Posted September 2, 2003 Report Share Posted September 2, 2003 Why did you use Squid? In the Mandrake Control Center (formely known as MCC) you can clic Network&Internet and then Internet Connection Sharing (ICS). This way, all the clients behind your linux machine would have access to the net (port 80) and all the others (port 25 and 110 as well). It's either I don't understand your setup or you didn't know about the ICS wizard in the MCC. :? Trying to understand MOttS Quote Link to comment Share on other sites More sharing options...
bvc Posted September 3, 2003 Report Share Posted September 3, 2003 Yes, all I used was DrakGW [bTW, what does that stand for?] (well, except I use static ip's instead of dhcp) and my wife uses Win98/Outlook/Opera daily through ML9.1's connection. Or, at least when I'm on it :lol: ...all the time :wink: ...she has no choice :wink: Quote Link to comment Share on other sites More sharing options...
Steve Scrimpshire Posted September 3, 2003 Report Share Posted September 3, 2003 Yes, all I used was DrakGW [bTW, what does that stand for?] Drak GateWay. What do I win??? :wink: Quote Link to comment Share on other sites More sharing options...
johnnyv Posted September 3, 2003 Report Share Posted September 3, 2003 Yes, all I used was DrakGW [bTW, what does that stand for?] Drak GateWay. What do I win??? :wink: An invoice from SCO as you are obviously using SCO's draktools :P Quote Link to comment Share on other sites More sharing options...
bvc Posted September 3, 2003 Report Share Posted September 3, 2003 DUUUUUHHH_whIch_wAy_DId_ego_gEoRge? WhIch_wAy_DId_ego? :lol: I'd be embarrassed to say how many times I've wondered :lol: :wink: :roll: Quote Link to comment Share on other sites More sharing options...
MottS Posted September 3, 2003 Report Share Posted September 3, 2003 DUUUUUHHH_whIch_wAy_DId_ego_gEoRge? WhIch_wAy_DId_ego? :lol: I'd be embarrassed to say how many times I've wondered :lol: :wink: :roll: :banghead: Don't worry .. I didn't know either :mystilol: Quote Link to comment Share on other sites More sharing options...
PeterPanic Posted September 5, 2003 Author Report Share Posted September 5, 2003 Why did you use Squid? In the Mandrake Control Center (formely known as MCC) you can clic Network&Internet and then Internet Connection Sharing (ICS). This way, all the clients behind your linux machine would have access to the net (port 80) and all the others (port 25 and 110 as well). It's either I don't understand your setup or you didn't know about the ICS wizard in the MCC. :? ICS isn't working for me, nor do most of the MCC "Wizards" (MDK9.0, installed with German Packages on a 350MHZ K6-II) ... I'm trying to upgrade to 9.1 in the next few days, but 9.0 Wizards always mess up some of my configuration files and in the end I have to correct everything by hand to get anything working. Those GUI Wizards hardly ask anything or explain anything and so they use incorrect values (Sometimes they place [CR]s or [#]s on wrong positions in the config files. And then they always install RPMs I don't want at all (e.g. shorewall - I don't want that one, because it messes up a lot on my system...) I don't know what I'm doing wrong, but the GUI is just a way to learn how to configure files in a text console (sounds weird....) - When I start something new, like DSL, Firewalls, ICS, Samba, Squid or so, I try the MCC and then learn how to correct everything in the command line... I start to hate that. :( Peter Panic Quote Link to comment Share on other sites More sharing options...
PeterPanic Posted September 7, 2003 Author Report Share Posted September 7, 2003 Somehow Samba seems to stop working correctly as soon as ICS runs. Is it possible that the IP-Routing done by ICS also routes the Samba-calls from the clients to the Internet ? So that they don't reach Samba any more? Thanks, Bye. PeterPanic Quote Link to comment Share on other sites More sharing options...
bvc Posted September 7, 2003 Report Share Posted September 7, 2003 I had the same thought.....I can't get Samba to work either with ICS....been trying on and off for 2 weeks :shock: Quote Link to comment Share on other sites More sharing options...
MottS Posted September 7, 2003 Report Share Posted September 7, 2003 You guys have to play with /etc/shorewall/rules or /etc/shorewall/policy if you wanna use Samba. The ICS wizard enable Shorewall (the default firewall .. you know that) and ports 137 to 139 tcp & udp are blocked by default. The best way to configure Shorewall is to allow NOBODY to connect from the net to your network BUT to allow anyone from the local network to connect to another within the local network... to do so read and understant /etc/shorewall/policy. Here is mine: #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST masq net ACCEPT fw net ACCEPT masq masq ACCEPT net all DROP all all REJECT LINE #1 : Allow people on the local network (masq) to access servers on the net (like http site, ftp, ssh, kazaa, etc, etc, etc.) LINE #2 : Allow the machine on which Shorewall is running (fw) to access the net like any other machines on the local network (masq) LINE #3 : Allow computers on the local network to connect to each other (SAMBA !) LINE #4 : Block those from the net who try to connect to your network LINE #5 : Block anything else you didn't think of. Now restart shorewall (type 'service shorewall restart') and try to ping a machine on your network .. it's going to work for sure! :wink: MOttS Quote Link to comment Share on other sites More sharing options...
MottS Posted September 7, 2003 Report Share Posted September 7, 2003 Forgot something. If you guys wanna share files with the firewall (fw - the machine on which Shorewall is running and ICS is enabled) then /etc/shorewall/policy should look like that #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST #Allow computers to surf the www masq net ACCEPT fw net ACCEPT #Allow computers on the local network to communicate masq fw ACCEPT fw masq ACCEPT masq masq ACCEPT #Block all request from the net and everything else not specified above net all DROP all all REJECT Don't forget that this file is read from the top to the end by the Shorewall binary. So don't put anything below net all DROP and all all REJECT because the line you add will be ignored. M :P ttS Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.