[spamcop@indirect.com] Re: slackware firewall for internal windows network

Michael F. March plug-discuss@lists.PLUG.phoenix.az.us
Sun, 28 Oct 2001 20:10:32 -0700


ipconfig.exe
  ----- Original Message -----
  From: cg.mk.snow
  To: plug-discuss@lists.PLUG.phoenix.az.us
  Sent: Sunday, October 28, 2001 7:06 PM
  Subject: [spamcop@indirect.com] Re: slackware firewall for internal windows network


  I bet it has something similar, I do not use win2000 so I am not sure. Do a search on *.ip*.exe, I bet you find something.
    ----- Original Message -----
    From: Tom Achtenberg
    To: plug-discuss@lists.PLUG.phoenix.az.us
    Sent: Sunday, October 28, 2001 7:22 AM
    Subject: RE: slackware firewall for internal windows network


    Windows 2000 does not use winipcfg

    -----Original Message-----
    From: plug-discuss-admin@lists.PLUG.phoenix.az.us [mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us] On Behalf Of cg.mk.snow
    Sent: Sunday, October 28, 2001 6:32 AM
    To: plug-discuss@lists.PLUG.phoenix.az.us
    Subject: Re: slackware firewall for internal windows network


    I am still learning Linux, so please take any Linux advice I give with a grain of salt. However, if you want the IP address of the cable modem ethernet card, LAN card, and the DNS servers, boot to Windows and click Start > Run. Enter winipcfg in the box, and click OK. This brings up a window that shows you all your network info. There is a pull down box for each ethernet adapter. You may need to click the "more info" button to get some of the info you need. For the DNS server IPs, click the button that has three periods to the right of the box, and it should give you three different addresses. I would recommend writing all the info down, including the adapter addresses. This may be doable in Linux, but I do not know how to do it.

    As far as setting up your system, I am trying to do the same thing as you and this is a mini roadmap for what I think should be done.
    1) Get the Linux (server) box connected to the web.
    2) Set up home network and test it with ping
    3) Get IP forwarding (NAT) working
    4) Get firewall working
    5) Set up samba
    6) Move my printer onto the server and try to get it to work.
    7) I would eventually like to set up apache to serve a web page; that is reaching a little far for me right now, though.

    For getting the server computer to see the internet, make sure to follow the advice I was given by David Mandala,
    In the /etc/sysconfig/network-scripts/ifcfg-eth0 script add a line that reads "DHCP_HOSTNAME='your hostname as assigned by cox @home'" and then do ifup eth0. That seemed to help me.

    To make sure the computers are seeing each other, on the win systems open a dos prompt and ping the server.

    On the linux box, open a console window and use ping on the windows boxes.

    As for getting the NAT to work, I am afraid I am in the same boat as you. I can get my win 98 and ME computers to ping the server, but network translation still does not work. I think that I need to make sure I set the domain on my linux box to the same as my windows boxes. I may need to set the "work group" up too. I have been working long days the last four days so I have not had a chance to look at it.

    I hope this helps, I will let you know if I find anything new.
    Cliff
      ----- Original Message -----
      From: Jeff Barker
      To: plug-discuss@lists.PLUG.phoenix.az.us
      Sent: Sunday, October 28, 2001 2:11 AM
      Subject: slackware firewall for internal windows network


      I'm setting up a firewall for an internal network at home mainly to keep security inside the network, and to maximize internal network speed and file sharing capabilities.

      I want to be able to have the firewall basically transparent using ipfiltering so the two computers behind it can still have full access to the internet.

      I want to use a 192.168.0.x internal network address.

      The system is a K62 3D with two network cards, a 3com 3c905b, and a netgear FA310Tx card. I have access to the internet using the 3com and I've gotten the module support for the tulip driver for the other card and set up to use the 192.168.0.x network address.

      I use a static IP address setup for eth0 on COX@HOME and run a DNS server to be able to look up names, because I can't get it connected to COX any other way without knowing their DNS server addresses. (I lost the paper and they don't give them out anymore, they want you to use DHCP which incidentally I can't get to work right either)

      Anyways, right about here is where I am confused on what to do next to get it to forward packets and masquerade or how to configure it as a router of any type.

      I'm using Slackware 8.0 with a newly compiled 2.4.5 kernel with support for NAT, routing and many other options that I knew I needed in setup.

      I've read through the many HOWTOs, and other Guides at the LDP website, on routing and firewall setup and a lot of it is for Redhat which is enough of a difference to confuse me even more.

      Does anyone have any knowledge they could pass me, have a setup like this yourself that you could share your experiences, or just have some advice for me?

      Oh yeah, I have a hub that I was planning on setting up like this:

      Two Windows 2000 machines going through a hub, which connects to the linux machine through an up port which is connected to the Cable modem with the other card.

      I want to be able to share files through the two windows machines, and even networked drives, but not with the linux machine at all, just those two machines.

      I did not install samba support because since this was the case I didn't think it would be needed.

      Ok, where do I start?




      ------------------------------------------------------------------
      J e f f  B a r k e r

      Stickboy Productions
      http://www.stickboyproductions.com
      jeff@stickboyproductions.com
      home:  602.992.4478
      work:   480.315.4325
      fax:      480.315.4003
      ------------------------------------------------------------------

