Setting up Linux as an Internet gateway is not difficult to do. A Linux gateway allows two or more computers to use internet at the same time.
While doing so, only the gateway's IP address will be visible on the Internet. The rest of the computers will be ``hidden'' behind the gateway. This is called IP masquerading.
There are certain things that may need your attention, and I will discuss them for
linux to be used as gateway.
First of all, you need a working TCP/IP network. I assume your network is up and running, and all your machines are able to ``see'' each other.
Let me explain my scenario :
Systems in my Network -
I have two systems linux and freebsd
Linux -
(Internet)eth0 ---- 10.33.16.220 /30 ----- Gw - 10.33.16.250
(Private)eth0:1 ---- 192.168.0.10/255.255.255.0
FreeBSD -
lnc0 - 192.168.0.30/255.255.255.0 ---GW-192.168.0.10
I Need to use the freebsd in my network to connect to Internet.
This is vey simple , what you do is add the gateway of linux to freebsd
and set the ip_forward flag to 1 in Linux and mention the DNS entries
/etc/resolv.conf in Freebsd.
In Linux (Gateway)
echo "1" > /proc/sys/net/ipv4/ip_forward
Make sure this is added to /etc/rc.local so that it is set during boot.
In Freebsd
I added the below lines in /etc/resolv.conf
nameserver 192.168.0.30
nameserver 202.x.x.x < ----- Provided by your ISP
Now this will ping and should resolve domain names.
For Eg. If you ping yahoo.com in your freebsd system it will resolve to the public IP. Now the Problems you will have is with things like ftp ... From freebsd system you wont be able to ftp to External IP's We will have to load a few kernel modules using
either insmod or modprobe:
For Kernel 2.4.x which uses IPtablesI used the kernel 2.4.22-21mdk-i686-up-4GB (Mandrake - Linux Gateway)
/sbin/insmod ip_conntrack_ftp
/sbin/insmod ip_nat_ftp
Next, enable Source Network Address Translation (SNAT) so that your client machines can use the Internet transparently
I used,
#iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
This should enable you to use external ftp server over freebsd system.
I did not have the IPtables support in kernel, so I had to recompile
Here's what I did :
#cd /usr/src/linux-2.4.22-21mdk
#make xconfig
This Will List --- Linux Kernel Configuration
- Click Network Option
Next,
- IP:Netfilter Configuration
I Selected,
y
--for -->IP tables support (required for filtering/masq/NAt)
then I ran
#make dep
#make clean
If you have enabled loadable modules support in the kernel during configuring, then you have to now execute the commands
# make modules
# make modules_install
Loadable modules are installed in the /lib/modules directory
This Worked !!!
Now I am able to connect to external FTP Servers from freebsd.
No comments:
Post a Comment