Facebook   Twitter    YouTube    RSS Feed    Android App    iPhone and iPad App     BlackBerry App    
Subscribe to Newsletter



Page 1 of 2 1 2 LastLast
Results 1 to 15 of 17

Thread: Linux home gateway

  1. #1

    Default Linux home gateway

    Hello everyone.
    I'm battling my butt off to get my home Linux SuSE 10.0 server to be an internet gateway by using iBurst.
    I can use iBurst on the server itself to connect to the internet and surf but I just can't seem to be able to set it up as a router/gateway sothat other PCs may connect to it and go online.

    I have a posting at linuxquestions.org with all the info there, if you don't mind looking there.

    Can anyone help?

    Thanks

  2. #2
    Grandmaster
    Join Date
    Mar 2005
    Location
    Johannesburg
    Posts
    2,003

    Default

    I used this with great success this last time I did this: http://www.linuxhomenetworking.com/w..._to_One_NAT.29

    This also looks nice and simple: http://www.billauer.co.il/ipmasq-html.html

    Remember, that IBurst is just a PPPOE connection so when they say ADSL for example, you can use the same code because ADSL also uses PPPOE.

    A common error is to enable ip forwarding:
    echo 1 > /proc/sys/net/ipv4/ip_forward

    Also, its Suse, so isn't there a menu for "Internet Connection Sharing" or something similiar? Thats why you use Suse - because they have all those GUIs to do these kind of things

  3. #3

    Default

    Is there a particular reason why you don't want to get an old Pentium I as a dedicated Linux gateway and install IPcop on it... IPcop is a pre-packed firewall/gateway/router/etc distro and its working very nice with my iBurst at the moment.
    local IPv6 hosting | ping6 blog | jawug hugh.diener@apolix.co.za

  4. #4

    Default

    Quote Originally Posted by nic777
    I used this with great success this last time I did this: http://www.linuxhomenetworking.com/w..._to_One_NAT.29

    This also looks nice and simple: http://www.billauer.co.il/ipmasq-html.html

    Remember, that IBurst is just a PPPOE connection so when they say ADSL for example, you can use the same code because ADSL also uses PPPOE.

    A common error is to enable ip forwarding:
    echo 1 > /proc/sys/net/ipv4/ip_forward

    Also, its Suse, so isn't there a menu for "Internet Connection Sharing" or something similiar? Thats why you use Suse - because they have all those GUIs to do these kind of things

    THANKS MAN!! Whoo I am so relieved! That first link you've given me worked like a charm. I am so happy, my home gateway works 100%. I just had to put up a DNS server to resolve domain names of my network but it works!
    Thanks again.
    God Bless to you!

  5. #5
    Active Member
    Join Date
    Apr 2005
    Location
    Centurion, South Africa
    Posts
    88

    Default

    Quote Originally Posted by ambo
    Is there a particular reason why you don't want to get an old Pentium I as a dedicated Linux gateway and install IPcop on it... IPcop is a pre-packed firewall/gateway/router/etc distro and its working very nice with my iBurst at the moment.
    Okay, I'll bite on this one . . . having a number of said machines (and better) lying around. Quick question, however . . . comment on feasibility, please.

    iBurst UTD connected to P1 running IPcop, okay - we'll assume this can work.
    Rest of home-office (ethernet/utp) LAN is Wintel, variety of opsys, some machine '98 due to being old hardware.

    Will I be able to connect properly and also use the IPcop machine as mail server, internet connection sharing etc, etc ?

    In case you're wondering, Yes, I'm a Wintel guy, having only played with (read installed once) both SUSE and Ubuntu.

    Meths.

  6. #6

    Default

    Quote Originally Posted by Methuselah
    Will I be able to connect properly and also use the IPcop machine as mail server, internet connection sharing etc, etc ?
    Generally not a good idea to run mail server on IPCop box, but it is possible. I use a separate Linux box for amongst other things a mail server.

    Connection sharing is what it's ideal for, with firewall. Extras such as traffic monitoring, proxy, etc. Quite a few addons are available.

  7. #7

    Default

    I've been using IpCop for just over a year now with iBurst. Installs in about 10 minutes. I'm using a Pentium I - 200Mhz with 64Megs Ram & a 2GB Hard Drive. Had absolutely no hassles from it whatsoever. I'm running a separate mail server on RH8 - Postfix with Spamassassin & Anomoly Virus Scanner 750 Mhz System with 128MB Ram also never touched the machine for over a year now.

    Running about 9 or 10 Machines through this setup. I'd recommend it to anyone.

    Patrick

  8. #8
    SmoothOokerMaximus The_Librarian's Avatar
    Join Date
    Apr 2005
    Location
    Amon Sl
    Posts
    87,478
    Blog Entries
    19

    Default

    And I will recommend Smoothwall from my side as well...

    IPCop is a fork of Smoothwall, basically these are almost the same, except for the GUI.

    From what I've heard is that the Smoothwall community is more active than the IPCop community, but YMMV.

    There are tons of modifications (add-ons) for Smoothwall for you to install, at present I'm using the Bandwidth mod to monitor bandwidth usage.

    Screenie is here.


    Regards

    Libs
    Last edited by The_Librarian; 12-07-2006 at 02:08 PM.
    Christ-mass is NOT for Christians. Jeremiah 10.
    Is the 10 Commandments for Christians?

    Saturday is the Seventh day, Sunday is the first day.

  9. #9
    SmoothOokerMaximus The_Librarian's Avatar
    Join Date
    Apr 2005
    Location
    Amon Sl
    Posts
    87,478
    Blog Entries
    19

    Default

    Quote Originally Posted by Unchained
    Generally not a good idea to run mail server on IPCop box, but it is possible. I use a separate Linux box for amongst other things a mail server.

    Connection sharing is what it's ideal for, with firewall. Extras such as traffic monitoring, proxy, etc. Quite a few addons are available.
    I will recommend the same.

    The basic idea is to run as few public services on your firewall as possible to minimize exploitation, and to move these to another computer.

    To give you an idea (and to confuse you )

    - A basic setup have a RED (outside, public) and GREEN (private) interface. All your workstations goes on the GREEN section, the firewall shielding them from bad traffic on RED.

    - Web servers and mail servers goes into an extra segment, called the DMZ or ORANGE segment. This is a separate segment from your GREEN network, should something get hacked on this segment, then the hacker cannot gain entry to your GREEN segment. (This is for default configurations only).

    - Wifi connections can be placed on a BLUE segment, which is also separate from the GREEN.

    So you can have one firewall protecting a lot of computers at the same time.

    Also do take note that some mods (like ClamAV) may require more RAM than the base install, so plan accordingly, otherwise you'll have an unresponsive or problematic firewall.

    Regards

    Libs
    Last edited by The_Librarian; 12-07-2006 at 02:18 PM.
    Christ-mass is NOT for Christians. Jeremiah 10.
    Is the 10 Commandments for Christians?

    Saturday is the Seventh day, Sunday is the first day.

  10. #10
    Active Member
    Join Date
    Apr 2005
    Location
    Centurion, South Africa
    Posts
    88

    Default

    Thanx for all the replies . . . looks like I'm going to be "playing" with Linux for a change.
    So, it's one box for the firewall, another for the mail-server. This we can do.

    Will this also, perhaps, provide the answer to solving one other headache :-

    * Incoming email is gathered via my DNS hosting and forwarded to the iBurst account. Download via pop3 and all is well.

    * Snag is with outgoing mail, however . . . any email address and/or reply-to address is being over-ridden when using the required iBurst SMTP portal . . . The senders address becomes the iBurst address. (i.e. I can send to robin@domain33.co.za, but all replies come from domain33@iburst.co.za . . .

    Can this be overcome using an independant mail-server or will it also be rejected / over-ridden . . . "no relaying" allowed.

    This one's a real pain . . . we don't want to change email addresses.

  11. #11
    Grandmaster Raithlin's Avatar
    Join Date
    Jan 2005
    Location
    Noordwyk, Midrand
    Posts
    4,448

    Default

    Here's a question. Everyone is recommending separate boxes.

    How effective is the built-in firewall that comes with the DD-WRT firmware update for a WRT54GL router? Is it necessary to back it up with another one, or disable it entirely in favour of, say, a Smoothwall PC?
    One mans crappy software is another mans full time job. Jessica Gaston

  12. #12

    Default

    Quote Originally Posted by Methuselah
    Will this also, perhaps, provide the answer to solving one other headache :-

    * Incoming email is gathered via my DNS hosting and forwarded to the iBurst account. Download via pop3 and all is well.

    * Snag is with outgoing mail, however . . . any email address and/or reply-to address is being over-ridden when using the required iBurst SMTP portal . . . The senders address becomes the iBurst address. (i.e. I can send to robin@domain33.co.za, but all replies come from domain33@iburst.co.za . . .

    Can this be overcome using an independant mail-server or will it also be rejected / over-ridden . . . "no relaying" allowed.

    This one's a real pain . . . we don't want to change email addresses.
    I use 'Fetchmail' to collect our incoming emails, The user then simply connects via POP3 to your local mail-server. At this stage I'm using PostFix instead of Sendmail as my local SMTP server which then relays this to mail.wbs.co.za. Because you're inside their network, the relaying is allowed. To-date we've had no address being modified or overridden.

    Patrick

  13. #13
    Super Grandmaster chiskop's Avatar
    Join Date
    Mar 2006
    Location
    Kensington, JHB
    Posts
    9,224

    Default

    Methuselah
    Junior Member
    Love it.

    Quote Originally Posted by Telkomisaloser View Post
    I must get banned
    <!--

  14. #14
    Active Member
    Join Date
    Apr 2005
    Location
    Centurion, South Africa
    Posts
    88

    Default

    Quote Originally Posted by patrick123
    . . . 'Fetchmail' collect incoming . . . user connects via POP3 to local mail-server . . . PostFix instead of Sendmail as my local SMTP server which then relays this to mail.wbs.co.za.
    Because you're inside their network, the relaying is allowed.
    Hello Patrick . . . this is precisely what I'm after. Currently using JANA server as local - to institute "internal email" (pure WinTel currently)

    1. "inside their network" . . . Does this imply that you have a static IP?
    A dude at iBurst helpdesk insists that to get this right I must apply for a static IP (at another R200 pm, of course).

    2. Can you confirm mail.wbs.co.za where I'm using smtp.wbs.co.za

  15. #15

    Default

    Quote Originally Posted by Methuselah
    Hello Patrick . . . this is precisely what I'm after. Currently using JANA server as local - to institute "internal email" (pure WinTel currently)

    1. "inside their network" . . . Does this imply that you have a static IP?
    A dude at iBurst helpdesk insists that to get this right I must apply for a static IP (at another R200 pm, of course).

    2. Can you confirm mail.wbs.co.za where I'm using smtp.wbs.co.za
    Hi Methuselah...

    1. When you connect with Iburst, you are assigned one of their IP Addresses, their smtp server sees this as internal thus you don't need a static IP.

    2. Yes! I can confirm mail.wbs.co.za.

    Just an extra note, IPCop/Smoothwall will allow you to register your dynamic IP Address at dyndns.org, thus you could possibly have an email like methuselah@methuselah.dyndns.org that would link straight to your mail server. In IpCop/SmoothWall, You would simply forward port 25 to your mail-server.

    Regards
    Patrick

Page 1 of 2 1 2 LastLast

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •