<solved> How to share Internet connection w/ RedHat9?

[Cooky]

Hi does anyone know how I can make a machine w/ 2 NICs and RedHat Linux 9 loaded act as a router so that I can share Internet connection? (something like Internet connection sharing in MSWindows after win98SE)

In the Networks properties both NICs are present and seem to work properly but I don't see any options to share one connection.

Edit:
Got it to work on 5/20/2003
First I followed BuddhaBart's instruction 'cuz it's so straight forward but somehow it didn't work...then I tried the How To Guide and it works out fine.

 

[chsh1ca]

This is done by using either ipchains or iptables (generally the latter on newer 2.4 kernel derived distributions).

There are some howtos on the subject, but I like the Linux IP Masquerading Howto. It will tell you how to configure IP Masquerading, which is essentially what ICS is on Win9x boxes.

 

[Cooky]

Thanks a lot.
The link isn't working though...is the server down??

 

[oaaltone]

Originally posted by: Cooky
Thanks a lot.
The link isn't working though...is the server down??

Working fine here...

 

[Cooky]

Link is working now

 

[Buddha Bart]

Step 1, Turn on packet forwarding.

- edit "/etc/sysctl.conf" and change net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1

Step 2, Turn on masquerading

- create a text file (I reccomend in root's home directory, named iptables.conf)
- put these two lines inside it (assuming eth0 is your WAN/Internet interface):
/sbin/modprobe iptable_nat
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- set the file executable (chmod u+x iptables.conf)
- temporarily stop iptables /etc/init.d/iptables stop
- execute it (./iptables.conf)
- save the resutls by running /etc/init.d/iptables save
- restart networking /etc/init.d/network restart
- restart iptables /etc/init.d/iptables restart

Step 3, Clients/LAN Hosts

- set their default gateway to the IP of your internal interface (probably eth1)

NOTE: This walkthrough assumes you currently have no iptables rules. If you do, you'll need to work nat into them.

bart

 

[Cooky]

Thanks for the tips but it's not working well...

I have eth0 as WAN port to Internet and eth1 as the internal port. I've defined the IP for eth1 as 192.168.0.1; what should I put for the Default Gateway Address? Still 192.168.0.1? or the default gateway that my WAN uses to get to my ISP?

 

[Buddha Bart]

192.168.0.1

 

[Cooky]

It's working now; thanks for y'all's help, especially BuddaBart!
Weird, though I left the default gateway for eth1 blank, it still works...

One final question: it seems that IPMASQ doesn't have DHCP built in (MS Internet Connection Sharing has it) and I have to either manually assign private IP to each "MASQed" internal station or make DHCP available on the network??
Is this right?? Thank God I don't have that many clients otherwise it's a pain in the butt....or is there such a "built-in" DHCP function w/ the IPMASQ and I just don't know about it??

 

[Buddha Bart]

thats correct, you need to setup a dhcp server seperatley.

Thats kinda the way things work on linux. There's lots of powerful but seperate and specialized tools, its up to you to tie them together.

 

[kt]

Didn't see this thread.. but had I seen it, this link would've saved you a lot of headaches and time.

It's by far the best firewall script written that is free.