[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [ok-mail] Re: [K12OSN] NAT and DHCP



On Mon, 2003-07-28 at 05:33, John Hansknecht wrote:
> On Fri, 2003-07-25 at 10:59, Richard Black wrote:
> > >
> > >
> > >I know I can get DHCP ro ron on a computer with just one NIC but is it 
> > >possible to get NAT tor work on the same server with just one NIC?  I have 
> > >a 248 mask at one of my buildings so I need to get DHCP and NAT working 
> > >because I am installing a PArent Center Computer Lab here with 12 
> > >computers in it.
> > >  
> > >
> > I believe the answer to this is yes.  Just have this box as the default 
> > gateway for the
> > DHCP clients.  I'm not sure about configuring NAT, but I'm sure there's 
> > a way to
> > have it do NATting with just 1 NIC.
> > [SNIP]
> > One problem with this though, since the clients are not forced to go 
> > through this box, then
> > this box can be bypassed.  They can just make their default GW to be the 
> > real GW that the NAT
> > server is using; thereby bypassing the NAT server along with any other 
> > checks and balances that
> > you want to do on that server such as blocks, parental control, etc.
> > 
> To get around the problem of bypassing the proxy you can set your
> gateway to only accept traffic from the proxy server ...With Iptables
> you can block access from your client PC's for just the specific
> protocals (http) that the proxy is serving.

    Or, you *COULD* just spring $12 for a second card...

-- 
------------------------------------------------------------------------
Brian Fahrländer          GNU/Linux Zealot, Conservative, and Technomad
Evansville, IN                    My Voyage: http://www.CounterMoon.com
ICQ  5119262
------------------------------------------------------------------------

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]