Sharing Internet Connection With Suse 7.1

[revelation]

Good Evening,
I just installed Suse 7.1 with the 2.4 kernel. I was using Mandrake. In Mandrake they made it easy to set up internet connection sharing. I have not figured out how to do this in Suse 7.1. I need to be able to share the internet with another machine here in the home, a Windows machine. I am very impressed with the stability of Suse. I may continue to use it, but I need to figure this out. Thanks in advance!!

[Statica]

All the so called automated connection sharing etc are not half as good as doing it yourself, I will outline the steps for you in as easy a manner as possible, if you have any doubts msg back.

The goal is to make Linux your "firewall"/"server" machine, and your Windoze machine the client. The linux machine will have 2 NICs.
eth0 --> to your LAN
eth1 --> to your WAN / Internet

Server Configuration -
Use linuxconf netconf and assign the following for your eth0
IP: 192.168.1.0 (use default values for the rest)

and the following to your eth1:

Make eth1 to obtain its IP address from DHCP/bootp or fill in all the address information you have from your ISP.

Edit /etc/rc.d/rc.local and add the following to the bottom:

bash /etc/rc.d/rc.firewall

The rc.firewall file is a simple file that you can make using a text editor the basic configuration I will outline below that has all the elements of an "insecure" server, you can harden your connection as need be. You can just do a Cut & Paste to the following, if your IPs are the same as what I specified.


/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_quake 26000,27000,27910
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
ipchains -M -S 7200 10 60
ipchains -A input -j ACCEPT -i eth1 -s 0/0 68 -d 0/0 67 -p udp
ipchains -P forward DENY

#ENABLES ALL MACHINES TO INTERNET by IPChains
ipchains -A forward -s 192.168.1.0/24 -j MASQ
#TO ENABLE ONLY SPECIFIC MACHINES TO INTERNET
#ipchains -A forward -s 192.168.1.0/32 -j MASQ


Then enable IP forwardingby editting /etc/sysconfig/network and make the line: FORWARD_IPV4 equals true.

Client/Windoze Configuration -
Go to your TCP/IP Properties from your network settings:
IP Address: 192.168.1.2 [or any in that range]
Gateway: 192.168.1.0 [your server]
DNS: Your ISP's DNS server

Voila, you should have a connection.
If you need to diagnose your network ipchains you can issue:
ipchains -L

Ok, this will work for diallup as well, but the network wont be complete till u make your connexion. Read next post for add-ons

[Statica]

So you've got your basic internet connxn sharing, now if you are using a LAN, why not get the most out of your network by running SAMBA [ http://www.samba.org ], and sharing your computers resources, it would make more sense. You probably already have samba installed with SuSE. For further information post back [to a fresh thread, and we'll help you].

It is very helpful ESPECIALLY if you are using a high speed connexion to run good firewalling techniques.

Some of the considerations are:

Dont start anymore services on your Linux box than you need

Block out the internet's access to those services, allow only your LANs access, like FTP, SMTP, POP etc etc

Block ICMP/pinging, that can cut down on a whole lot of problems.

loads more

If you need help with getting a good firewall post again. Linux is a very capable OS that will not only let u do more, but also protect you a lot more.

By the same token, since Linux will let you do a lot more, it also makes the uninitiated vulnerable to a lot more

[mairving]

Samba is pretty awesome. I could go into a company that is running NT server and install Linux in place of NT. Then set up samba shares. The only way the users would notice is that the server is up all the time and runs faster.

[revelation]

Thanks, but I was not able to get very far. When I try to type any of the commands it just says that there is no such file. Does 2.4 work like the other kernal as far as IP chains and such?

[Statica]

Which command did u try to type?
Yes 2.4 is like any other Linux kernel, better, but still the same.
did u try linuxconf?

[oliverkazaam41]

/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_quake 26000,27000,27910
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
ipchains -M -S 7200 10 60
ipchains -A input -j ACCEPT -i eth1 -s 0/0 68 -d 0/0 67 -p udp
ipchains -P forward DENY

just want to ask were do i type this one? am new to linux and I also have problems in sharing my connection.

I am using SuSe linux as my server. Can u please give me more detailed explanation. Please I really need help! Thanks in Advance!!!