Art Clemons on Fri, 30 Aug 2002 00:36:10 -0400



Re: [PLUG] OT: Comcast problems


Arthur S. Alexion:
I almost bought a Linksys (or SMC) router today by coincidence, specifically for sharing a Comcast connection. Art, could you direct me to more specific instructions as to what you are doing? I have a 486, with PCI bus and Linux already installed and running, sitting around that it sounds like I could use instead.

Let me first note that lots of people use Linksys routers with a great deal of success. They, however, seem to always have a new firmware upgrade, and a series of said upgrades available for download, and finding the right version for a particular situation can be exasperating.


What I did with a 486 (I'm not anymore, I bought a Netgear RP114 for $39 during a sale with a rebate) was to add a 2nd ethernet card, and assign with ifconfig a non-Internet-routable address to the 2nd NIC, i.e. the NIC the computer finds 2nd when booting. Recent kernels have no difficulty dealing with any of a variety of NICs, although I tend to have a lot fewer problems of any kind when I insmod or modprobe modules rather than compiling the NICs into the kernel, YMMV. The first NIC gets via DHCP an IP address from Comcast, and that is the interface that Comcast sees.

I learned something about firewalls, but I tended to rely on a script from MonMotha (I think he still has links on SourceForge, if not, I can look up his webpage). Let me note that I used iptables with a 2.4.>9 kernel most recently, and I went to several different websites while the 486 was connected to nothing but Comcast to test the firewall. There are various other techniques, which others can detail, and I logged all connection attempts from the outside (most seem to have come from someone in the same Comcast region). After I had the firewall working properly, I then used the 2nd IP address as the gateway address for the other computers. There are other firewall scripts, perhaps others can even detail which they favor, and which get updated regularly as there are almost always undiscovered holes in any protection scheme. Whatever system you use, the fewer services running on the Linux box, the fewer holes there are to attack, and the more likely the 486 is to be more computer than being a router needs.

If you want a quick and dirty solution to routing, there are, among other options, the Linux Router Project (a single floppy disk router based on, if I remember correctly, the 2.0.39 kernel) and one other I can't recall, which also worked for me, except that I had to use two of the same brand of router because it had problems dealing with two separate brands.

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
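
The two-NIC gateway described in the message above, as an added example that is not part of the original post and is not MonMotha's script: a shell function that emits an iptables-restore ruleset which drops and logs unsolicited traffic on the outside interface and masquerades the private LAN behind it. The function names, the log prefixes, and the eth0/eth1 and 192.168.1.0/24 values in the usage note are assumptions.

```shell
#!/bin/sh
# Added example: ruleset generator for a two-NIC NAT gateway.
# Interface names and the LAN subnet are caller-supplied assumptions.

# Return 0 only if $1 (a.b.c.d/len) lies in RFC 1918 private space,
# i.e. the "non-Internet-routable" addressing used on the second NIC.
is_private_net() {
    case "$1" in
        10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# gateway_rules WAN_IF LAN_IF LAN_NET
# Prints an iptables-restore ruleset; returns non-zero on bad input.
gateway_rules() {
    wan=$1 lan=$2 net=$3
    [ -n "$wan" ] && [ -n "$lan" ] && [ "$wan" != "$lan" ] || {
        echo "need two distinct interfaces" >&2; return 2; }
    is_private_net "$net" || {
        echo "LAN net $net is not RFC 1918 space" >&2; return 3; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan -s $net -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $wan -m limit --limit 6/min -j LOG --log-prefix "WAN-IN-DROP "
-A FORWARD -i $lan -o $wan -s $net -j ACCEPT
-A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $wan -m limit --limit 6/min -j LOG --log-prefix "WAN-FWD-DROP "
COMMIT
EOF
}
```

To apply it, run `gateway_rules eth0 eth1 192.168.1.0/24 | iptables-restore` as root and set `net.ipv4.ip_forward` to 1. Anything arriving on the outside interface that is not a reply to LAN or gateway traffic then hits the default DROP policy and appears in the kernel log with the `WAN-IN-DROP` or `WAN-FWD-DROP` prefix.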