view function of Bind 9

Tim ignored_mailbox at yahoo.com.au
Tue Apr 3 09:09:01 UTC 2007


On Mon, 2007-04-02 at 21:05 +0800, edwardspl at ita.org.mo wrote:
> After apply a leased line connection with Internet from ISP, there is
> a segment IP addresses ( Public IP ) and a Router machine ( can't to
> be enabled the firewall function ) by ISP also : 
> For sample :
> IP range : 202.175.123.123 ~ 202.175.123.129
> subnet mask : 255.255.255.240
> Router IP : 202.175.123.128
> 
> Now, I'm setting up an Internet Server ( all service in the same machines ) :
> There are Ethernet 0 and Ethernet 1 two Interfaces with the Server :
> Ethernet 0 for connecting with HUB_A and Router, but want to use
> Private IP address ( eg : 192.168.0.1 ) instead of public IP ( eg :
> 202.175.123.123 )

You'll need to configure the router to tie those addresses together.

> Ethernet 1 for connecting with HUB_B, provide NAT + DHCP for Clients
> ( ip range : 192.168.1.0 / 24 )
> 
> So...how to config the firewall rules by using iptables as the following condition :
> 1, how to clear up the default setting ?

Command line or GUI?

CLI:  Learn how to use iptables.

GUI:  You can use, in Gnome, the System menu, Administration sub-menu,
Security level and firewall GUI.  You can use Firestarter (install it).

> 2, how to disable all services ?

CLI:  Learn how to use chkconfig.

GUI:  In Gnome it's found at:  System menu, Administration sub-menu,
Services (perhaps inside a Server settings sub-menu).  Turn off what's
not needed, and what you don't want.

We can't really advise on everything that can be turned off, we don't
know what you need.  I'd advise that on a server, you configure NTPD to
run.  You want your logging to have reliable time, and it'd be good for
it to allow local PCs (on your LAN) to synchronise their clocks with
it.

> 3, how to enable the service which needed ?

Opposite of the above steps.

> 4, how to transfer the ip address ( public from / to private ) ?

Iptables, using the -nat table on Linux, but you need to do that in your
router.

> 5, how to enable NAT + DHCP for clients users connection with Internet ?

Set up the DHCP server on a machine.  Configure it with addresses for
your LAN PCs to use for their DNS server and gateway (the router LAN
IP).  Enable NAT on the gateway device (your router).

-- 
(This box runs FC6, my others run FC4 & FC5, in case that's
 important to the thread.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.




