Setting up a home network with WinXP

Chris Kloiber ckloiber at
Mon Nov 24 07:38:55 UTC 2003

On Mon, 2003-11-24 at 13:43, Dennis Calhoun wrote:
> I've decided to hold off on upgrading to Fedora until it's next
> release, to allow time for any unexpected bugs to be fixed.

Good thing you aren't holding your breath, too. :) The next release will
have kernel-2.6.x and a whole bunch of new unexpected bugs to be

> In the meantime I've been trying to get Red Hat Linux 9 set up to
> serve a very small home network (only one other machine, running
> WinXP), with NO success.

Then you should be asking on shrike-list at, but I am not
feeling evil today. :)

> I've tried to do as it says in the Red Hat Linux 9 Bible, mostly
> around what is addressed in chapter 15 and 16, but I can't believe how
> much time I have spent on this so far and still can not get anything
> to work. Neither machine "sees" the other and internet connection
> sharing is no where near anything that will work yet.

I don't have access to that bible. Fortunately I'm paid to know this
stuff, and do it all the time. Here's my quick and dirty:

Set up your eth0 to get a dhcp address from your ISP. 

Put a fixed address on eth1 of your linux machine (it does have two
network interfaces, doesn't it?) like The netmask should
be Don't set a gateway, your gateway and DNS servers will
be inherited from your ISP's dhcp server on eth0.

Set a fixed IP on the Windows box of, using a netmask of, and a gateway address of Set the DNS
servers to your ISP's for now. (I don't do Windows, don't ask how.)

Edit /etc/sysctl.conf and change the existing line to read:

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

Install a nat firewall. A nice quick one can be gotten from:

Install the rpm, If you used the IP addresses I suggested, then the
config file /etc/sysconfig/fwiptables.conf will work as is, although no
inbound traffic will be allowed at all except for traffic relating to
the outbound requests you make. You can edit the fwiptables.conf file to
allow individual ports for whatever services you desire. For instance if
you want to access your machine remotely via ssh, and host a web server,
make the TCP_ALLOW line read:

TCP_ALLOW="22 80 443".

When ready, run the following commands:

# sysctl -p
# chkconfig --level 35 ipchains off
# chkconfig --level 35 iptables off
# chkconfig --level 35 fwiptables on
# service ipchains stop
# service iptables stop
# rmmod ipchains  (may be unnecessary, or show an error. No problem)
# service fwiptables start

You should now be able to ping/browse from the Windows box.

>From this point it's up to you to configure other services (like dhcpd
on eth1 only!, named, ntpd, smtp, pop/imap, etc) as you desire, but you
can ignore those if you use the manually configured fixed IP's and tell
your machines to use your ISP's name server and mail server(s). (Might
want to list your local machines in /etc/hosts on all local machines in
this case). 

Good luck.

Chris Kloiber
Red Hat, Inc.

More information about the fedora-list mailing list