Searching \ for '[OT] linux masquerading a lan' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: techref.massmind.org/techref/index.htm?key=linux+masquerading
Search entire site for: 'linux masquerading a lan'.

Exact match. Not showing close matches.
PICList Thread
'[OT] linux masquerading a lan'
2000\05\10@091742 by John C. Frenzel

flavicon
face
I have my entire office network behind a Linux Router Project box.  Works
very well, very stable, and dependable.   Mix of W98/W95 and Linux machines
on the inside.  ADSL to the net.

> It strikes me that the version of Linux router that fits on a floppy
should be
> put into flash memory with a PIC controlling it to look like a floppy
> controller. Note that I say controller, and not drive, so this would
involve
> disabling (or possibly removing) the floppy controller if it is on the
> motherboard.

Why reinvent the wheel?  Take a look at this:
http://www.tapr.org/tapr/html/Fcfa.html
After the LRP is configured, I removed all the useful but extra utilities
such as ping, telnet, mkfs, editors,etc.  These all sit on a floppy.  If I
need them, I just mount the floppy.  That way, if some one does hack the
box, they have no tools to use.

> Then you would have a totally silent "disk drive" that would have no
mechanical
> moving parts, no media to wear out under the heads, and could be built
into an
> extremely small space.

Yes, it is.  Couple that with a great OS and the whole thing is pretty
bulletproof.
John

2000\05\10@140005 by Josh Koffman

flavicon
face
"John C. Frenzel" wrote:
>
> I have my entire office network behind a Linux Router Project box.  Works
> very well, very stable, and dependable.   Mix of W98/W95 and Linux machines
> on the inside.  ADSL to the net.

Does your ADSL provider use PPP over Ethernet? If so, how did you
implement a client? If not, be thankful :)

Josh Koffman
spam_OUTjoshyTakeThisOuTspammb.sympatico.ca

2000\05\10@150314 by John C. Frenzel

flavicon
face
He uses a Cisco 677 router on my end.  It runs a DHCP server of which my LRP
box is the only client.  The LRP runs NAT and a DNS server for all the
machines on the inside of the firewall.  The space between the cisco and the
LRP is a real no-mans-land with a firewall on either side of an unroutable
subnet.

BTW: the LRP box is headless, but has a 8x40 LCD connected to the serial
port.  The LCD is driven by a PIC 16F84 running a dumb terminal emulator.
The syslog is dumped to the port.

> "John C. Frenzel" wrote:
> >
> > I have my entire office network behind a Linux Router Project box.
Works
> > very well, very stable, and dependable.   Mix of W98/W95 and Linux
machines
> > on the inside.  ADSL to the net.
>
> Does your ADSL provider use PPP over Ethernet? If so, how did you
> implement a client? If not, be thankful :)
>
> Josh Koffman

It took me about 4 hours to switch the setup from a ppp demand dial
arrangement to the Cisco box.
John

2000\05\10@165028 by Jeff Frohwein

flavicon
face
"John C. Frenzel" wrote:
> He uses a Cisco 677 router on my end.  It runs a DHCP server of which my LRP
> box is the only client.  The LRP runs NAT and a DNS server for all the
> machines on the inside of the firewall.

The word NAT is often misused in the linux world and various documents.
True NAT is the ability to use an external pool of several IP addresses
that are translated into internal IPs. No port translation takes place.
AFAIK, no i86 unix boxes commonly currently support NAT except *BSD
(FreeBSD,NetBSD,etc),Solaris x86 (probably), and linux kernels that have
been custom modded for NAT support. From what I hear, true NAT support
as part of the linux kernel distribution won't be added until atleast
2.4.x. if not later.

The ability to use a single external IP for many internal connections
by doing port translation is often referred to as NAT "overloading",
1:Many NAT, port level multiplexed NAT, or Port Address Translation (PAT).
Cisco connonly refers to the term PAT in their documentation so that
is the term I prefer to use.

I'm not suggesting that in this particular instance that the word
is misused since I don't if the kernal has been modified or not. The
main reason I brought this up is just for everyones info.

Jeff

2000\05\10@205006 by marquis DeSade

picon face
josh,
my "provider" doesnt know we exist, kinda a long
story, but basically, a former employee made an
account and buried it...i dont think we have ppp over
ethernet, id have to look at my notes, since it has
been a year
however, we have a static ip address, and dont use
DHCP, although i believe some of the newer kernels
will handle it
on the windows side, using internet exploder 5.x it
has a automatic discovery of a "proxy" server
feature that worked like a top! just choose "connect
through lan" and it figures it out...
needless to say, im happy with it, it hasnt failed,
and its is fast and secure!
cheers

--- Josh Koffman <.....joshyKILLspamspam@spam@MB.SYMPATICO.CA> wrote:
{Quote hidden}

__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/

2000\05\10@233636 by Chris Eddy

flavicon
face
Josh;

My DSL service provider is Bell Atlantic, and they are running PPPoE.  I had
nothing but trouble getting Windows to run it, and never could get SyGate to run
on it.  I managed to beat my way through to a software tech, who admitted that
they were not prepared for PPPoE.  So I gave up.

I then got word that some Linux gurus in our area, whom a small group of us know
personally, had built a linux box that is PPPoE savvy.  They sold me a PC with
Linux on a drive (sit in a corner and forget), and it has been working flawlessly
ever since.  The fellows admit that they figured out how to script an interface
with the PPPoE connection, and it even re-establishes repeatedly if a connection
goes down.

It seems that if pressed, many list members will admit to a personal firewall in
the building..??!!
Out of sight, out of mind (one of the few flaws in Linux)

Chris Eddy

Josh Koffman wrote:

{Quote hidden}

2000\05\19@180508 by Josh Koffman

flavicon
face
Chris Eddy wrote:
{Quote hidden}

Chris,
Sorry for the late reply, things have been somewhat chaotic around here
lately. I would be very interested in this linux pppoe implementation if
you have any more information on it. I am trying to do basically the
same thing. Unfortunately because of time constraints, I haven't gotten
too far.

Thanks in advance,
Josh Koffman
EraseMEjoshyspam_OUTspamTakeThisOuTmb.sympatico.ca

2000\05\22@072945 by Andrew Kunz

flavicon
face
I just did a little testing to see how well my ISP-150 (from http://www.jdr.com) has my
system secured.

Steve Gibson (http://www.grc.com) was unable to even SEE my machines for most of the
attempts he made.

I saved the browser screens as JPEG files if anybody wants a copy.
montanaspamspam_OUTfast.net

After seeing how secure my LAN is from Internet crackers, I like the little box
even more than I did before!

Andy

More... (looser matching)
- Last day of these posts
- In 2000 , 2001 only
- Today
- New search...