On Mon, 1 Dec 2003, Chris Bek wrote:
Dear all,
I am trying to share the internet connection from my linux box to the other PCs on the network. I have no reason to have a firewall since this machine dials in check e-mail and dials out immediately. Can someone please help me with this one? Masquerading perhaps??
Chris
PS: SuSE 8.1 out of the box PS2: I am a very new user!!!
Your request sounds a bit contradictory. If the gateway box truly dials in only intermittently, it doesn't seem to make sense to share the connection, since it won't be available most of the time. Masquerading and forwarding is one of the functions of a firewall, whether you choose to implement other filtering functions as well, or not. I would install the susefirewall2 package, and set it up to do masquerading of your internal network. The sample config file is quite well documented, and a simple read thru it will lead you to the few lines that need to be customized. Basically, it will be to declare your external (internet-looking) interface, the internal (LAN-looking) interface, and enable masquerading. YAST even has a module to make this easy. If the need to share the interface is only to retrieve mail, then maybe a fetchmail implementation on the gateway machine, which fetches mail for all your user accounts, and delivers them to local mailboxes. Your users on the LAN can fetch their mail from the gateway machine at will, and there'd be no need for any IP forwarding or masquerading. Think of it as an asyncronous email proxy. Unfortunately, I can't give you a step-by-step on this technique, since I've never set one up myself. -- Rick Green "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." -Benjamin Franklin