Fedora Core 2 as internet gateway

Rodolfo J. Paiz rpaiz at simpaticus.com
Fri Jun 4 21:32:30 UTC 2004 

At 08:08 6/4/2004, Jason Kretzer wrote:
>This is a kind of long post, but if you answer it, I
>believe it will help a lot of people.  If I end up
>getting it working, I am going to post the solution on
>my website for others.

Don't bother... I'm halfway there. Much easier to read my half-a-document, 
critique it, and help me finish it! :-)

         1. Read through my "Small Netserver HOWTO" [1].

         2. Email me off-list for the settings to give pppd... I have a 
dial-up ISDN gateway at home, external over a serial modem so it's exactly 
like an analog dial-up but faster. It works like a charm.

         3. Sharing the connection, firewalling, and gateway service are 
provided by Shorewall. [2] Go to the site and read the "Two-Interface Quick 
Guide" to get you started. I'll give you the rest of the configuration 
details and my copy of all config files.

It's not a difficult process at all.

>1.) What IP do I need to give the gateway?  I assume
>one of the reserved ie. 192.168.1.1 or similar.

You will surely get assigned a public IP address for your side of the PPP 
connection. You do use a reserved IP address for your internal network, of 
course. 192.168.0.1 with netmask 255.255.255.0 is my preferred choice.

>2.) What do I put as the gateway IP when setting up
>the gateway computers lan connection?  Do I put its
>own?

You don't need to specify a gateway for eth0.

>3.) How does one share the dialup connection?

Shorewall.

>4.) How does one set the gateway to connect to the
>internet when one of the computers on the lan requests
>it?

On-demand dialing with pppd or wvdial.

>5.) How does NAT/Masquerading get done in this
>situation?

Shorewall.

>6.) What about a firewall using iptables?

Shorewall.

>7.) How difficult is Squid to set up?  Obviously I
>will need a proxy because of the slow dialup
>connection speed.

Haven't done it yet, but will happily learn how, help you get it going, 
then document it for others. Note that proxies cannot handle all types of 
traffic, so there are one or two small downsides to using them. Still, 
worthwhile effort.

Cheers,


-- 
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com

More information about the fedora-list mailing list