On Fri, 2004-06-04 at 22:08, Jason Kretzer wrote:
> So to start this off, my first questions:
> 1.) What IP do I need to give the gateway? I assume
> one of the reserved ie. 192.168.1.1 or similar.

That would work nicely.

> 2.) What do I put as the gateway IP when setting up
> the gateway computers lan connection? Do I put its
> own?

Easier to set up dhcpd correctly, then other machines on your LAN get
their IP/NETMASK/GATEWAY/DNS information automatically. Yes, you can
still set things up so that each machine's IP is static across reboots.
Example file is at /usr/share/doc/dhcp-3*/dhcpd.conf.example
Copy it to /etc/dhcpd.conf and edit to taste. Don't forget to also edit
/etc/sysconfig/dhcpd and make it say DHCPDARGS=eth0 (assuming that is
your LAN interface). You wouldn't want to accidentally offer dhcp
addresses to your ISP. They tend to get bent out of shape over that.

Also set up named to handle local name resolution of machines on your
LAN. You can use your ISP's name servers as forwarders, or not. (I get a
kick out of being able to surf the net while my neighbors can't because
the ISP has DNS issues, and I don't!) system-config-bind should be
capable of handling this setup easily enough.

> 3.) How does one share the dialup connection?

With a NAT firewall, specifying ppp0 as the WAN connection. May I
suggest a simple to set up firewall in rpm format:

http://people.redhat.com/mgahagan/firewall/fwiptables/RPM/

Install it, edit /etc/sysconfig/fwiptables (lots of comments in the
default file), then run:

    # service iptables stop
    # chkconfig --level 35 iptables off
    # chkconfig --level 35 fwiptables on
    # service fwiptables start

Also edit the line in /etc/sysctl.conf that reads:

    # Controls IP packet forwarding
    net.ipv4.ip_forward = 0

and make that a '1' instead of '0', then run "sysctl -p" as root.

> 4.) How does one set the gateway to connect to the
> internet when one of the computers on the lan requests
> it?

Computers on the LAN don't care. They use the internal IP of the machine
doing the sharing. The machine running pppd is the only one that cares
about the upstream gateway.

> 5.) How does NAT/Masquerading get done in this
> situation?

See above.

> 6.) What about a firewall using iptables?

Ditto.

> 7.) How difficult is Squid to set up? Obviously I
> will need a proxy because of the slow dialup
> connection speed.

Good idea. It's not too bad. Assuming you use the internal IP address
range mentioned above you can run a squid by carefully placing 2 lines
in your /etc/squid/squid.conf:

Find this comment, then add the acl line as the next line:

    #Recommended minimum configuration:
    acl mylan src 192.168.1.0/255.255.255.0

Find this comment, then add the http_allow line as the next line:

    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    http_access allow mylan

You do want your gateway machine to have a good amount of RAM; the
default squid will only cache 100 megs of information. You can increase
that by uncommenting and editing the line that reads:

    # cache_dir ufs /var/spool/squid 100 16 256

Change the 100 to the number of megs you want to cache. Leave the other
numbers alone unless you want to experiment. In theory if the size of
the squid cache fits in memory things will go faster, but in your case
reading from the disk will be faster than dialup anyway.

The one question I can't help you with is how to set up on-demand
dialing correctly. I haven't owned a dial up modem since a 14,400 baud
USR V.anything cost over US$200 (and that was the half-off "Sysop"
discount!) I used to run a fidonet bbs on an Amiga 500.

-- 
Chris Kloiber
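
The settings in the message above that decide what the gateway exposes (dhcpd bound to the LAN interface only, forwarding switched on, Squid allowing only the LAN range) can be checked with a short script. This is an added example, not part of the original message or of the fwiptables package; the function names are hypothetical, eth0 and the 192.168.1.0 range are the values assumed in the message, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: audit the gateway settings discussed in the message above.
# Function names are hypothetical; file paths are passed in as arguments.

# dhcpd must be pinned to the LAN interface. An empty or missing DHCPDARGS
# leaves it free to answer on the WAN side as well.
check_dhcpd_iface() {  # $1 = sysconfig/dhcpd file, $2 = LAN interface
    val=$(sed -n 's/^[[:space:]]*DHCPDARGS=//p' "$1" | tail -n 1 | tr -d "\"'")
    [ "$val" = "$2" ]
}

# The last uncommented net.ipv4.ip_forward line is the one that takes effect.
check_ip_forward() {   # $1 = sysctl.conf file
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=//p' "$1" |
        tail -n 1 | tr -d '[:space:]')
    [ "$val" = "1" ]
}

# Squid uses the first matching http_access rule, so the allow for the LAN
# acl must come before "deny all". The acl must cover the LAN range, and
# nothing may "allow all" (that would make the cache an open proxy).
check_squid_acl() {    # $1 = squid.conf, $2 = acl name, $3 = LAN range
    awk -v name="$2" -v net="$3" '
        $1 == "acl" && $2 == name && $3 == "src" && $4 == net   { defined = 1 }
        $1 == "http_access" && $2 == "allow" && $3 == "all"     { wide = 1 }
        $1 == "http_access" && $2 == "allow" && $3 == name && !denied { allowed = 1 }
        $1 == "http_access" && $2 == "deny" && $3 == "all"      { denied = 1 }
        END { exit !(defined && allowed && !wide) }' "$1"
}

audit_gateway() {      # $1 = directory holding dhcpd, sysctl.conf, squid.conf
    rc=0
    check_dhcpd_iface "$1/dhcpd" eth0 || { echo "FAIL: dhcpd not limited to eth0"; rc=1; }
    check_ip_forward "$1/sysctl.conf" || { echo "FAIL: ip_forward is not 1"; rc=1; }
    check_squid_acl "$1/squid.conf" mylan 192.168.1.0/255.255.255.0 ||
        { echo "FAIL: squid mylan rule missing, misplaced, or proxy open"; rc=1; }
    return $rc
}

# Constructed sample files (not from a real host) so the script runs offline.
demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
printf 'DHCPDARGS=eth0\n' > "$demo/dhcpd"
printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 0\n' > "$demo/sysctl.conf"
printf 'acl mylan src 192.168.1.0/255.255.255.0\nhttp_access allow mylan\nhttp_access deny all\n' \
    > "$demo/squid.conf"
audit_gateway "$demo" || echo "audit found problems (sample sysctl.conf still has the stock 0)"
```

On a real gateway, copy /etc/sysconfig/dhcpd, /etc/sysctl.conf and /etc/squid/squid.conf into one directory and pass that directory to audit_gateway.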