On 05/24/2015 12:07 PM, robert.devanna@nospammail.net wrote:
I'm setting up a DHCP client on Opensuse. I'm coming from Debian; apparently things are done differently here in Opensuse. My very-techie friend also from Debian has given up trying to help me with figuring this out on Opensuse :-(
This box is being set up as an edge router+firewall.
It connects directly to an ISP's DSL modem - an AT&T Uverse-compatible Pace 5031NV.
So, the openSuse box has TWO Ethernet connections, since it acting as firewall. I suspect you need BOTH client AND server. The end that is connected to the DSL modem runs 'client' most likely, since the ISP runs DHCP and hands out a single address. That is usually termed the 'red' side of the firewall. The "inside" or "blue" is the side of you LAN, probably connected to a switch of some sort. Well OK, there are multi-port cards for PCs. I did that once in the SCO/UNIX days, but these days 8 and 16 and even 32 port desktop switches are reasonably priced. Parsimonious me found one at a thrift store for $15. YMMV. This blue side runs the dhcp server to had out local addresses to devices on your LAN. This is a standard configuration. Somewhere along the line I did all this with IPCop. While I agree with your decision to use Shorewall, you might want to experiment with an IPCop setup as a learning example so you can see some of the issues. In short: You need dhclient (or client daemon) on the 'red' side You will see (RTFM) that they take a parameter for the interface to use dhcp-server or dnsmasq on the blue side. My preference is dnsmasq :-) Once again you can -- you MUST -- specify which interface to use. I would NOT use yast. Late model openSuse uses systemd and you can set up the startups for the client and the server as unit files. Parameters currently go in /etc/sysconfig.d, but this is evolving. Some units have arguments hard-wired. YMMV. Check the up to date documentation both for systemd and for the specific application and check the unit file to make sure. Yes, I set up a Shorewall based firewall once. Actually it was a three way. it had a DMZ as well. It was using Mandrake (in the days before they bankrupted). I can see why you would prefer Shorewall over the firewall that comes with openSuse :-) No argument with that :-0 Right now, you might want to visit the LiveCD site or do a google for a pre-built "appliance. Such as https://susestudio.com/a/4dMNWp/gatekeeper-with-shorewall (no longer supported but "You can clone the appliance, then upgrade and build with a current OS version. ") You might also want to ask about this on the Shorewall list. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org