--- Satya satyap@satya.virtualave.net wrote:
Hypothetically...
I have a DSL connection to the World. A hub is plugged into it, and 2-6 computers into the hub. Naturally, the computers have a class C (?) between them, which should not be routable from the World. The computers have their own connection to the World through the hub and DSL. I think the whole thing is a star topology, at least for the internal network.
Is what I have described above correct, and possible? I suppose ideally, one of the Linux boxen would get the DSL line and act as firewall to the rest through the hub?
Actually, one of your Linux boxes should be a double-homed host, with one network port (DSL modem, Ethernet, ppp, whatever) connected to your incoming line (DSL in your case) and the other port should be an Ethernet card which plugs into your hub. The toplogy is as follows: __________ ________ Hub | L N |Linux | |---------- O E ------|GW PC |--------|---------- C T DSL |________|eth0 |---------- A W Modem |__________ L K
Now... whichever way, how do I do it on Linux? ipchains alone is enough?
Now, just set a static route between the DSL interface and eth0, by using the "route add" command. You will have to enable IP forwarding in your kernel, and may have to recompile it with the right options if not already set. An ipchains script is necessary if you want to use NAT (network address translation), which allows local non-public IP address based PCs to connect to the world. I recommend that you read the HOWTOs on ipchains, IP Masquerading, transparent proxying etc to get background on this. You can also use a proxy server such as squid.
HTH,
Regards,
Krishnan
__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/