Em Seg, 2005-04-04 às 19:23 +0200, Mark Nixon escreveu: > Darn, it's hard to formulate an appropriate subject sometimes. > > I have a little peer-to-peer network. I have an ADSL modem and a switch, > to which I have 4 computers connected, > > As far as I have been able to suss out, my ADSL modem or my switch is > assigning the 10.0.* addresses. > > I have only one printer, attached to my Linux computer. At the moment, > this is the most logical for my configuration. > > I have one computer running Win Me, another running Win XP, a third > running Linux Core 3, and occasionally my laptop running Win XP. > > If there's any other info required, let me know. > > Up to now, I've been able to use my Linux machine as a print server by > sending the command (as root) iptables -F. > > I know this is stupid. > > Of course, I want the other computers on my LAN to be able to see, and > use, my share files *every* time. > > Which, of course, means that iptables rules should be read in at boot > time. > > >From what I've been able to suss out from man iptables, Googling and > reading "Red Hat Fedora Linux 3 Bible" I should do the following: > > stop iptables "/etc/init.d/iptables stop" > > from the command line "iptables -A INPUT -p ALL -i eth0 -s 10.0.0.0/6 > accept" > > then I should write "service iptables save" > > and then reboot? > > This seems a little weird, as 10.0.0.1 is my gateway to the internet. > > Shouldn't it be "10.0.0.2/6 accept"? > Nope.. It's 10.0.0.0/6 accept .... Look on google for some information about CIDR notation and netmasks... In fact , I'd preffer to do something more controlled.. Something like 10.0.0.0/24 accept.. This means that only machines with IPs in the range 10.0.0.1 - 10.0.0.254 can access your machine... > My Linux computer is *not* the Internet gateway, as European energy > costs rule out (for us, anyway) having my Linux computer always running. > Each computer on my LAN should be able to access the Internet > independently. > Let me see if I understood correctly... Your modem is connected to a cable/dsl router, right? (like this: modem --> router = all the machines ) If it is , then you shouldnt need to have your computer always turned on to access the internet.. You would have to turn it on just to print , since the printer is connected to your computer... That iptables rule should do the trick of allowing anyone to print to your printer , as long as cups (the print server) is properly configured already.. -- Pedro Macedo
