On Mon, 2003-11-24 at 13:43, Dennis Calhoun wrote:
> I've decided to hold off on upgrading to Fedora until its next
> release, to allow time for any unexpected bugs to be fixed.

Good thing you aren't holding your breath, too. :) The next release will
have kernel-2.6.x and a whole bunch of new unexpected bugs to be
squashed.

> In the meantime I've been trying to get Red Hat Linux 9 set up to
> serve a very small home network (only one other machine, running
> WinXP), with NO success.

Then you should be asking on shrike-list@xxxxxxxxxx, but I am not
feeling evil today. :)

> I've tried to do as it says in the Red Hat Linux 9 Bible, mostly
> around what is addressed in chapter 15 and 16, but I can't believe how
> much time I have spent on this so far and still can not get anything
> to work. Neither machine "sees" the other and internet connection
> sharing is nowhere near anything that will work yet.

I don't have access to that bible. Fortunately I'm paid to know this
stuff, and do it all the time. Here's my quick and dirty:

Set up your eth0 to get a dhcp address from your ISP.

Put a fixed address on eth1 of your linux machine (it does have two
network interfaces, doesn't it?) like 192.168.1.254. The netmask should
be 255.255.255.0. Don't set a gateway; your gateway and DNS servers will
be inherited from your ISP's dhcp server on eth0.

Set a fixed IP on the Windows box of 192.168.1.1, using a netmask of
255.255.255.0, and a gateway address of 192.168.0.254. Set the DNS
servers to your ISP's for now. (I don't do Windows, don't ask how.)

Edit /etc/sysctl.conf and change the existing line to read:

    # Controls IP packet forwarding
    net.ipv4.ip_forward = 1

Install a nat firewall. A nice quick one can be gotten from:

http://people.redhat.com/mgahagan/firewall/fwiptables/RPM/noarch/fwiptables-1.0-3.noarch.rpm

Install the rpm. If you used the IP addresses I suggested, then the
config file /etc/sysconfig/fwiptables.conf will work as is, although no
inbound traffic will be allowed at all except for traffic relating to
the outbound requests you make. You can edit the fwiptables.conf file to
allow individual ports for whatever services you desire. For instance if
you want to access your machine remotely via ssh, and host a web server,
make the TCP_ALLOW line read: TCP_ALLOW="22 80 443".

When ready, run the following commands:

    # sysctl -p
    # chkconfig --level 35 ipchains off
    # chkconfig --level 35 iptables off
    # chkconfig --level 35 fwiptables on
    # service ipchains stop
    # service iptables stop
    # rmmod ipchains   (may be unnecessary, or show an error. No problem)
    # service fwiptables start

You should now be able to ping/browse from the Windows box.

From this point it's up to you to configure other services (like dhcpd
on eth1 only!, named, ntpd, smtp, pop/imap, etc) as you desire, but you
can ignore those if you use the manually configured fixed IPs and tell
your machines to use your ISP's name server and mail server(s). (Might
want to list your local machines in /etc/hosts on all local machines in
this case).

Good luck.

--
Chris Kloiber
Red Hat, Inc.
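
A pre-flight check for the settings this procedure depends on, added here as an example and not part of the original message: it verifies that forwarding is enabled in a sysctl.conf, that a client's gateway lies inside the client's own subnet, and that TCP_ALLOW opens only the ports you meant to expose. The function names and the approved-port list are assumptions of this example, as is reading fwiptables.conf as a shell-style file with the TCP_ALLOW="..." line quoted above; the demo files are constructed.

```sh
# Added example: pre-flight checks for the NAT gateway settings above.
# Function names and the approved-port list are this example's own.

# Convert a dotted quad (a.b.c.d) to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# on_link CLIENT GATEWAY NETMASK
# Succeeds when the gateway is inside the client's own subnet, which it
# must be for the client to reach it directly over the LAN.
on_link() {
    c=$(ip_to_int "$1"); g=$(ip_to_int "$2"); m=$(ip_to_int "$3")
    [ $(( c & m )) -eq $(( g & m )) ]
}

# forwarding_enabled FILE
# Succeeds when FILE has an uncommented "net.ipv4.ip_forward = 1" line.
forwarding_enabled() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}

# unexpected_ports FILE "APPROVED PORTS"
# Prints every port on the last TCP_ALLOW="..." line of FILE that is not
# in the approved list; prints nothing when the exposure matches intent.
unexpected_ports() {
    allow=$(sed -n 's/^[[:space:]]*TCP_ALLOW="\([^"]*\)".*/\1/p' "$1" | tail -n 1)
    for p in $allow; do
        case " $2 " in
            *" $p "*) ;;
            *) echo "$p" ;;
        esac
    done
}

# Demo on constructed files (not real system configuration).
demo() {
    d=$(mktemp -d)
    printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 1\n' > "$d/sysctl.conf"
    printf 'TCP_ALLOW="22 80 443"\n' > "$d/fwiptables.conf"
    forwarding_enabled "$d/sysctl.conf" && echo "forwarding: on"
    on_link 192.168.1.1 192.168.1.254 255.255.255.0 && echo "gateway: on-link"
    echo "not approved: $(unexpected_ports "$d/fwiptables.conf" "22" | tr '\n' ' ')"
    rm -rf "$d"
}
case "${1:-}" in demo) demo ;; esac
```

Run the script with the argument `demo` to see the checks on the constructed files, or source it and point the functions at /etc/sysctl.conf and /etc/sysconfig/fwiptables.conf.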