James Barrett on 6 Jan 2008 08:13:05 -0800
Andrew,

On Sun, Jan 06, 2008 at 10:45:58AM -0500, holdenergy wrote:
> Hi - What might be the quickest/cheapest/easiest way to securely share an
> internet connection.
>
> Let me explain. In a shared community with only one DSL connection, multiple
> different entities connected through one DSL connection but requiring that
> records be kept for each port, so that in the extreme case of a visit from
> FBI/RIAA etc only that port is an issue. Ideally getting 2 IPs from the DSL
> provider would be perfect but that adds $$ if they'd even do it.

What kind of records? If you mean things like originating/destination IP
and orig/dest port, that is easy.

> Furthermore, we don't want one entity soaking up all available bandwidth, so
> what would be the device to throttle each port to a certain percentage of
> available, and we actually want to maintain a certain port dedicated for
> VOIP to ensure quality of service even if the DSL is otherwise at capacity.

tc can be used to stem the flow of incoming and outgoing data and other
QoS-ish stuff.

> I have not seen these features in consumer grade routers and I am not sure
> how far we have to step up to get it, or is there a Linux solution for which
> I'd be happy to re-purpose an old PC or laptop.

I am using an old machine with 4 ethernet NICs in it and Debian stable.
One NIC is for the incoming connection (Comcast Cable), another NIC is for
my personal LAN and yet another NIC is for my brother's LAN. I had to do
this for two main reasons: 1) he has a wireless AP which, although it uses
WPA2 + AES, I do not know the encryption key for and therefore do not know
how good the passphrase is, 2) he likes to soak up bandwidth. The fourth
NIC is there in case I want to set up a DMZ sometime in the future.

His LAN has no access to my LAN. I used fwbuilder to construct an iptables
firewall with all the bells and whistles.

I also used tc to cut his bandwidth down to size: 768kbps download, 128kbps
upload - he was doing something with bittorrent that was eating up all the
upload bandwidth and practically none of the download.

If I were not painting my room today I would be able to tell you more...

-- 
James Barrett

Attachment: signature.asc

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
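
An added example, not part of the message above and not the poster's fwbuilder-generated ruleset: a sketch of the setup the reply describes, with iptables isolating the shared LAN and logging each new outbound connection, and tc applying the 768/128 caps. The interface names (eth0 WAN, eth1 trusted LAN, eth2 shared LAN) and the log prefix are assumptions.

```shell
#!/bin/sh
# Added example. Assumed layout: eth0 = WAN, eth1 = trusted LAN, eth2 = shared LAN.
WAN=eth0; LAN_TRUSTED=eth1; LAN_SHARED=eth2
# tc unit caveat: "kbit" is kilobits/s, while "kbps" in tc means kiloBYTES/s.
DOWN=768kbit; UP=128kbit
DRY_RUN=${DRY_RUN:-1}   # default prints the commands; DRY_RUN=0 as root applies them

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

isolate_and_log() {
    # Replies on established flows pass first, so only new connections get logged.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # The shared LAN must never reach the trusted LAN.
    run iptables -A FORWARD -i "$LAN_SHARED" -o "$LAN_TRUSTED" -j DROP
    # One syslog record per new outbound connection: pre-NAT source and
    # destination IP and port, tagged with the LAN it entered on.
    for lan in "$LAN_TRUSTED" "$LAN_SHARED"; do
        run iptables -A FORWARD -i "$lan" -o "$WAN" -m conntrack --ctstate NEW \
            -j LOG --log-prefix "NEW-$lan: "
        run iptables -A FORWARD -i "$lan" -o "$WAN" -j ACCEPT
    done
    # Default deny for anything not explicitly allowed above.
    run iptables -A FORWARD -j DROP
}

shape_shared_lan() {
    # Download cap: traffic to the shared LAN leaves the router on its NIC,
    # so an HTB class on that NIC's egress limits it.
    run tc qdisc add dev "$LAN_SHARED" root handle 1: htb default 10
    run tc class add dev "$LAN_SHARED" parent 1: classid 1:10 htb \
        rate "$DOWN" ceil "$DOWN"
    # Upload cap: police packets arriving from the shared LAN, dropping the excess.
    run tc qdisc add dev "$LAN_SHARED" handle ffff: ingress
    run tc filter add dev "$LAN_SHARED" parent ffff: protocol ip prio 50 u32 \
        match ip src 0.0.0.0/0 police rate "$UP" burst 10k drop flowid :1
}

isolate_and_log
shape_shared_lan
```

The LOG rule sits in FORWARD, before masquerading, so each record carries the internal address and the incoming interface, which is what ties a connection to one LAN.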