Iptables question about peer-to-peer rules

Mark Nixon manixdk at tiscali.dk
Mon Apr 4 19:42:59 UTC 2005


On Mon, 2005-04-04 at 12:23 -0700, Kam Leo wrote:
> On Apr 4, 2005 12:09 PM, Mark Nixon <manixdk at tiscali.dk> wrote:
> > On Mon, 2005-04-04 at 14:36 -0300, Pedro Macedo wrote:
> > > Em Seg, 2005-04-04 às 19:23 +0200, Mark Nixon escreveu:
> > > > Darn, it's hard to formulate an appropriate subject sometimes.
> > > >
> > > > I have a little peer-to-peer network. I have an ADSL modem and a switch,
> > > > to which I have 4 computers connected.
> > > >
> > > > As far as I have been able to suss out, my ADSL modem or my switch is
> > > > assigning the 10.0.* addresses.

<big snip>

> > 
> > But all my machines can access the Internet, even if my Linux machine is
> > turned off. They just can't print. Which is OK.
> > 
> > But I've solved the problem, I think.
> > 
> > I ran "iptables stop"
> > 
> > then ran "iptables -A INPUT -p -ALL -i eth0 -s 10.0.0.0/5"
> > 
> > then ran "service iptables start"
> > 
> > This seems to have worked, as I now can see my SAMBA share directories
> > from my wife's (10.0.0.2) machine.
> > 
> > I don't think I need 10.0.0.0/24, as my switch can only take 4 machines,
> > but maybe I'm wrong?
> > 
> > > --
> > > Pedro Macedo
> > >
> 
> It's not the number of machines that are attached to your switch that
> matters.  It's the range of IP addresses. You would need to use fixed
> IP addresses for all your machines or have your DHCP server restricted
> to the range of addresses that it can assign.
> 

Ahh. I've just talked to my son, and he mentioned something about my
ADSL router also being a DHCP source, which means (I think) that every
time I change my LAN config just a little, I'll get assigned a new
"10.0.*" number, so what you and Pedro write is starting to make sense. 

If I take a machine off and add a machine, change an ethernet card, or
whatever, my router could assign a 10.0.0.* number that would keep
increasing, right?

As far as I can see, with the 3-4 machines I have on my little LAN, it's
not worth assigning fixed addresses?

Thanks to all for their help so far.

Mark
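
An added example, not part of the original thread: a short Python check of which source addresses an iptables `-s` prefix really covers, illustrating the reply's point that the address range matters rather than the number of machines. The function name `audit_source_match` and the host 10.0.1.20 are constructed for illustration; 10.0.0.2 and the prefixes come from the thread.

```python
import ipaddress

# RFC 1918 private ranges, used to flag prefixes that reach public space.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_source_match(cidr, lan_hosts):
    """Describe what an iptables-style '-s <cidr>' source match covers."""
    # iptables applies the mask to the address, so host bits are dropped:
    # 10.0.0.0/5 is matched as 8.0.0.0/5. strict=False mirrors that.
    net = ipaddress.ip_network(cidr, strict=False)
    return {
        "network": str(net),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
        "addresses": net.num_addresses,
        # True only if every matched address is private (RFC 1918).
        "only_rfc1918": any(net.subnet_of(p) for p in PRIVATE),
        # LAN hosts the rule would NOT match (for example a new DHCP lease).
        "missed_hosts": [h for h in lan_hosts
                         if ipaddress.ip_address(h) not in net],
    }


if __name__ == "__main__":
    # 10.0.0.2 is from the thread; 10.0.1.20 is a constructed DHCP lease.
    hosts = ["10.0.0.2", "10.0.1.20"]
    for prefix in ("10.0.0.0/5", "10.0.0.0/24", "10.0.0.0/16"):
        r = audit_source_match(prefix, hosts)
        print(f"{prefix:>13} -> {r['first']} - {r['last']} "
              f"({r['addresses']} addrs, private only: {r['only_rfc1918']}, "
              f"missed: {r['missed_hosts']})")
```

The /5 prefix matches 8.0.0.0 through 15.255.255.255, most of which is public address space, while the /24 is tight but misses any lease the router hands out outside 10.0.0.*.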



