PLEASE UNDERSTAND WHAT YOU ARE DOING BEFORE YOU START THIS. SAVE YOUR EXISTING CONFIGURATION FILES BEFORE CHANGING THEM. Please read my disclaimer about such things.
In the event that I've incorrectly stated something here, please let me know. My E-mail address is below.
You have Linux running with your Cable or DSL ISP and need to have some connectivity for other machines at your place, but refuse to pay the $10/month for an extra IP address. This is where Linux pays for itself!
This document assumes (sic) that you know what's going on
with networks and Linux. Additional documentation can be found in the
Linux Kernel Source tree in the
Although the word firewall is used in this document, it does not mean that the machines behind the firewall are completely safe from Internet attacks. All this document is providing is the setup of Linux to forward packets from machines behind it to the Internet at large without sucking up another registered IP address. Documents on Linux security can be found at www.linux.org, Secure Linux Page and many other fine places on the 'net.
There are a few caveats to go into first.
Where 192.168.254.0/255.255.255.0 needs to be replaced by the (hopefully) private network numbers you've chosen for your private network.
This is not a complete, secure firewall configuration. There are many more settings that ipfwadm/ipchains can manipulate to increase the security of your machine. Please read the HOWTO documents!
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_forwarding
Alternately if you have
the line in the
network script to read:
Newer versions of Red Hat keep this information in /etc/sysctl.conf; change the line near the top to net.ipv4.ip_forward = 1.
All this can be done by hand (once the interfaces are configured) without rebooting the system.
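The runtime setting and the persistent one can disagree: a value echoed into /proc is lost at reboot, and an edit to /etc/sysctl.conf does nothing until it is applied. The shell check below is an added example, not part of the original document; its function names are hypothetical, and it assumes the only persistent source is the single /etc/sysctl.conf file named above.

```shell
#!/bin/sh
# Added example: report whether IPv4 forwarding is on now and persists.
# Function names are hypothetical; file paths are passed as arguments.

# Effective net.ipv4.ip_forward value in a sysctl.conf-style file.
# Lines starting with # or ; are comments; the last assignment wins.
conf_ip_forward() {
    [ -r "$1" ] || { echo unset; return 0; }
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "net.ipv4.ip_forward") found = val
        }
        END { print (found == "" ? "unset" : found) }
    ' "$1"
}

# Runtime value from the /proc file, or "unreadable".
runtime_ip_forward() {
    if [ -r "$1" ]; then
        tr -d ' \t\n' < "$1"; echo
    else
        echo unreadable
    fi
}

# ok             = on now and after reboot
# not-applied    = set in the file, but the kernel does not report it on
# not-persistent = on now, but the file will not restore it at boot
# disabled       = neither
forwarding_state() {
    conf=$(conf_ip_forward "$1")
    run=$(runtime_ip_forward "$2")
    case "$conf,$run" in
        1,1) echo ok ;;
        1,*) echo not-applied ;;
        *,1) echo not-persistent ;;
        *)   echo disabled ;;
    esac
}

forwarding_state /etc/sysctl.conf /proc/sys/net/ipv4/ip_forward
```

On a machine that is not meant to route, any answer other than disabled is worth investigating.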
Once things are in place you should be able to do things like:
NOTE: You need to use passive ftp unless your masquerading firewall
is running a 2.1.x vintage (or later) kernel with the
ip_masq_ftp.o module compiled in.