View previous topic :: View next topic |
Author |
Message |
orlando_furioso n00b
Joined: 16 Nov 2004 Posts: 34
|
Posted: Tue Nov 16, 2004 9:45 pm Post subject: HOWTO: Easy Home Network Setup (dhcp, dnsmasq, iptables) |
|
|
I looked around a lot and found out there are a lot of howtos on iptables and so on.
Best I like is Home-Router-Howto, HOWTO: Iptables for Newbies and Using Iptables by Greg Ippolito.
I assume a network Like [ Internet ] - - - [[ eth0 ] [ router] [ eth1 ]] - - - [ clients ]
what means eth0 is WAN, eth1 is LAN
eth1 IP: 192.168.0.1
1. Lets start with a DHCP Server
Code: | emerge dhcp
nano -w /etc/dhcp/dhcpd.conf |
should look like:
Quote: |
authoritative;
ddns-update-style ad-hoc;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.100 192.168.0.250;
default-lease-time 259200;
max-lease-time 518400;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1;
option domain-name-servers 192.168.0.1;
} |
Code: | nano -w /etc/conf.d/dhcp |
Set: IFACE="eth0"
Code: | rc-update add dhcp default
/etc/init.d/dhcp start |
2. DNS Server
Code: | emerge dnsmasq
nano -w /etc/conf.d/dnsmasq |
Add "-i eth0" to DNSMASQ_OPTS
Code: | rc-update add dnsmasq default
/etc/init.d/dnsmasq start |
3. NAT - iptables
Code: | emerge iptables
iptables --flush - Flush all the rules in filter and nat tables
iptables --table nat --flush
iptables --delete-chain - Delete all chains that are not in default filter and nat table
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward - Enables packet forwarding by kernel
/etc/init.d/iptables save
rc-update add iptables default
/etc/init.d/iptables start |
Finished!!
Last edited by orlando_furioso on Wed Nov 17, 2004 12:00 am; edited 1 time in total |
|
Back to top |
|
|
rhewt n00b
Joined: 12 Jan 2004 Posts: 46
|
Posted: Tue Nov 16, 2004 10:52 pm Post subject: |
|
|
I think you mean that eth0 is WAN and eth1 is LAN. _________________ Think inside of the box first. |
|
Back to top |
|
|
Cr0t l33t
Joined: 27 Apr 2002 Posts: 944 Location: USA
|
Posted: Fri Nov 19, 2004 5:29 am Post subject: |
|
|
If you are already using DNSMASQ why don't you just use the integrated DHCP Server? _________________ cya |
|
Back to top |
|
|
orlando_furioso n00b
Joined: 16 Nov 2004 Posts: 34
|
Posted: Fri Nov 19, 2004 9:38 am Post subject: ... |
|
|
because I don't know how ; ) |
|
Back to top |
|
|
przeuj Tux's lil' helper
Joined: 11 May 2004 Posts: 94 Location: Krakow
|
|
Back to top |
|
|
adastra1982 n00b
Joined: 17 Jan 2004 Posts: 28 Location: Poznan, Poland, EU
|
Posted: Wed Dec 01, 2004 12:46 pm Post subject: Re: HOWTO: Easy Home Network Setup (dhcp, dnsmasq, iptables) |
|
|
orlando_furioso wrote: | I looked around a lot and found out there are a lot of howtos on iptables and so on.
Best I like is Home-Router-Howto, (..) |
- I pretty much like that one myself ..but that official how-to actually contains everything you wrote here and much more, so what's *your* how-to for? If it doesn't add anything new - for example - to this official acticle, what is it's purpose? _________________ adastra |
|
Back to top |
|
|
przeuj Tux's lil' helper
Joined: 11 May 2004 Posts: 94 Location: Krakow
|
Posted: Wed Dec 01, 2004 1:13 pm Post subject: |
|
|
Your 100% right
But i think, for what im doing, i would rather read this short article, then bother to read the whole bunch of the guide. I needed only those 4 simple steps to set it up. So I think - this how-to could be for wasting like 20 mins less on doing this, and saving time. I am not net admin to bother with all those things. Im just using linux
cheers. _________________ [img]http://www.openwengo.org/static/eng_eng/images/banners/wengophone.png[/img] |
|
Back to top |
|
|
ayem n00b
Joined: 24 Mar 2004 Posts: 19 Location: Krakow PL
|
Posted: Thu May 26, 2005 7:25 pm Post subject: |
|
|
very nice help guys. both were very usefull - shorter for easy start, longer for more careful reading - thanx a lot :] _________________ ayem |
|
Back to top |
|
|
|