Solved

Using LINUX as network modem server using SLIP

Posted on 1997-04-13
5
337 Views
Last Modified: 2010-03-18
Hello:

   I was succesful making a connection to my ISP using slip (dip) in my Linux machine, now I want other machines on the network to use this connection to access the Internet, How can I do it? I read somebody mentioning IP forwarding/masquerading but I don't know what this is or how it works.
Any ideas?
0
Comment
Question by:jlms
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 

Expert Comment

by:jcol
ID: 1584358
If you want to use a linux box to forward packets from/to the internet, you are creating a gateway. (You should specify
this when compiling the kernel). The gateway configuration
is, as I believe, explained in the net2-howto which you
can find on any sunsite mirror. Now to IP masquerading :
if you only have one IP adress from your provider, you can only
run one computer with it directly. You can have a router (or your linux box) translate your internal ip adresses into the externally valid ones and back.
The configuration of such a gateway-router system requires an
understanding of the underlying principles. I recommend you
look around a bit on the net; e.g. cisco.com has a great website
where many networking topics are explained thoroughly.
(You do _not_ have to buy a cisco router ;-)...)

Hope this helps,
0
 
LVL 4

Author Comment

by:jlms
ID: 1584359
Yes, all what you say sound reasonable, but at least resumed, what are the steps I should follow to connect another machine to the Internet using the Linux box as a router and taking in account I have only SLIP access? Let's say, I have Sun boxes and one SGI machine, how could I make sure users in those machines can use their WWW browsers? If I achieve this, I can do anything else.

Thank you for the help, but I need a little more of information from somebody with hands-on experience.

0
 

Expert Comment

by:jcol
ID: 1584360
1. setup your slip dialout scripts (you did that already)
2. configure your kernel to include routing and gatewaying
(using make config) and compile the new kernel
3. install the new kernel with lilo or whatever loader you
use
4. now comes the net-howto; it explains how to configure
your linux box to route the requests on the internal network
to the outside world
5. configure your clients to use your linux box for ip
as gateway for ip traffic
6. done.
There is nothing special about sun,sgi or whatever - once a machine knows that it can send ip packets over your gateway,
everything is straightforward.
0
 

Accepted Solution

by:
fandrit earned 120 total points
ID: 1584361
I think that the best way to become a small 'ISP' :) is the IP masquerade.Setting up the IP masquerade is quite easy.First of all you have to configure your kernel by typing make config at /usr/src/linux directory...You HAVE to say YES to the following:
 * Prompt for development and/or incomplete code/drivers
              CONFIG_EXPERIMENTAL
              - this will allow you to select experimental ip_masq code compiled
                into the kernel

            * Enable loadable module support
              CONFIG_MODULES
              - allows you to load modules

            * Networking support
              CONFIG_NET

            * Network firewalls
              CONFIG_FIREWALL
          
           * TCP/IP networking
              CONFIG_INET

            * IP: forwarding/gatewaying
              CONFIG_IP_FORWARD

            * IP: firewalling
              CONFIG_IP_FIREWALL

            * IP: masquerading (EXPERIMENTAL)
              CONFIG_IP_MASQUERADE
              - although it is experimental, it is a *MUST*

            * IP: always defragment
              CONFIG_IP_ALWAYS_DEFRAG
              - highly recommended
           * TCP/IP networking
              CONFIG_INET

            * IP: forwarding/gatewaying
              CONFIG_IP_FORWARD

            * IP: firewalling
              CONFIG_IP_FIREWALL

            * IP: masquerading (EXPERIMENTAL)
              CONFIG_IP_MASQUERADE
              - although it is experimental, it is a *MUST*

            * IP: always defragment
              CONFIG_IP_ALWAYS_DEFRAG
              - highly recommended

r compiling the kernel, you should compile and install the modules:

          make modules; make modules_install
If you want to enable ftp,irc,real audio you have to make a file contains the below

            /sbin/modprobe ip_masq_ftp
                /sbin/modprobe ip_masq_raudio
                /sbin/modprobe ip_masq_irc

and you load these every time your systems starts.
The last thing you have to set up is the permission...
Your clients have not real IP addresses so you have to assign them with 'intranets' ip's as 192.168.168.0 network.
Write down a file like that:

#!/bin/sh
ipfwadm -F -a m -S 192.168.168.X/32 -D 0.0.0.0/0
ipfwadm -F -a m -S 192.168.168.Y/32 -D 0.0.0.0/0
ipfwadm -F -a m -S 192.168.168.X/32 -D 0.0.0.0/0
# To permit the above IP addressess
                  .
                  .
                  .
ipfwadm -F -p deny
# To deny everybody else...

P.S. You have to run this file (or by command line) BEFORE
 establish the internet connection...

                  fandrit@ariadne-t.gr
0
 
LVL 4

Author Comment

by:jlms
ID: 1584362
Your answer is exactly what I needed, now my workstations use the little Linux box to access the Internet.

Thank you and sorry for the delay in grading your answer.
0

Featured Post

Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question