Re: [ok-mail] Re: [K12OSN] NAT and DHCP

On Fri, 2003-07-25 at 10:59, Richard Black wrote:
> >
> >
> >I know I can get DHCP to run on a computer with just one NIC but is it 
> >possible to get NAT to work on the same server with just one NIC?  I have 
> >a 248 mask at one of my buildings so I need to get DHCP and NAT working 
> >because I am installing a Parent Center Computer Lab here with 12 
> >computers in it.
> >  
> >
> I believe the answer to this is yes.  Just have this box as the default
> gateway for the DHCP clients.  I'm not sure about configuring NAT, but
> I'm sure there's a way to have it do NATting with just 1 NIC.
> [SNIP]
> One problem with this though, since the clients are not forced to go
> through this box, then this box can be bypassed.  They can just make
> their default GW to be the real GW that the NAT server is using;
> thereby bypassing the NAT server along with any other checks and
> balances that you want to do on that server such as blocks, parental
> control, etc.
To get around the problem of bypassing the proxy you can set your
gateway to only accept traffic from the proxy server ... With iptables
you can block access from your client PCs for just the specific
protocols (http) that the proxy is serving.



John Hansknecht

One OS to fool them all
One browser to find them
One email client to bring them all
And through security holes, blind them...
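
The gateway-side filtering described in the reply above, as an added example that is not part of the original thread: a dry-run generator for the iptables FORWARD rules on the upstream gateway. The addresses, the variable names and the `gateway_rules` helper are assumptions made for illustration, and the proxy is assumed to sit inside the client subnet, which is why rule order matters.

```shell
#!/bin/sh
# Added example (not from the thread). All addresses are constructed
# placeholders from the RFC 5737 documentation range.

PROXY_IP="192.0.2.2"      # assumed address of the one-NIC proxy/NAT server
LAN_CIDR="192.0.2.0/29"   # assumed lab subnet (a 255.255.255.248 mask is a /29)
WEB_PORTS="80"            # protocols the proxy serves; the reply names http

# Print the rules in the order they must be appended on the gateway.
# iptables walks a chain top to bottom and stops at the first match, so the
# ACCEPT for the proxy has to come before the subnet-wide DROP; otherwise
# the proxy, which lives inside LAN_CIDR, would be blocked as well.
gateway_rules() {
    proxy="$1"; lan="$2"; ports="$3"
    for port in $ports; do
        # Web traffic from the proxy itself is forwarded.
        echo "iptables -A FORWARD -p tcp -s $proxy --dport $port -j ACCEPT"
        # The same protocol from any other lab address is blocked, so a
        # client that points its default gateway at the real gateway
        # cannot browse around the proxy.
        echo "iptables -A FORWARD -p tcp -s $lan --dport $port -j DROP"
    done
}

# Dry run: nothing is changed here. Review the output, then run the
# printed commands as root on the gateway.
gateway_rules "$PROXY_IP" "$LAN_CIDR" "$WEB_PORTS"
```

Traffic on other ports is left untouched, matching the reply's point that only the protocols the proxy serves need to be blocked for the client PCs.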

