=?iso-8859-1?q?Ric writes: > I want to use my machine to share a cable modem.
Gee, so many ways to do this... I'll give you the Linux 2.4.xx way. > eth0 goes to a hub and is all currently set up; > I'm running telent, FTP, Apache etc. so that I > don't need to attach a monitor to the machine. > > eth1 (the PCI card) will go to the cable modem. > > I figure that the next thing to do is DHCP. > > How to I get dhcpcd to configure ONLY eth1? (Does > eth1 need "ifconfig eth1 address up" first). Aw, must you? The default for dhcpcd is eth0 only. Use that if you can, thus avoiding a config step. > How do I get inetd to listen to eth1 as well as > eth0? Something like this I'd imagine /etc/init.d/inetd stop /etc/init.d/inetd start > The box will have to do IP Masquerade, this is > ipchains right? I think I can do ipchains. That is the old 2.2.xx way. The new way uses netfilter/iptables. Like this: #!/bin/sh # # Assumptions: # eth0 goes to the cable modem # eth1 goes to the LAN # Kill this now... restart later so it binds to every IP. # Add others here as needed, perhaps including inetd. /etc/init.d/named stop # Kill anything you think might be a security hole #killall -9 foo bar baz # get an IP address dhcpcd # In the NAT table (-t nat), Append a rule (-A) after routing # (POSTROUTING) for all packets going out eth0 (-o eth0) which # says to MASQUERADE the connection (-j MASQUERADE). iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Turn on IP forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Give you LAN-side card an address. (10.x.x.x is safe) # Actually, "ifconfig" is obsolete; use "ip" instead. ifconfig eth1 10.0.0.200 # Be a name server to the LAN /etc/init.d/named start ###########################################################
