Getting in the Fast Lane
Now that you have your card or cards set up, go ahead and boot into Linux. First, login or su as root and run the command ifconfig. You'll get a few paragraphs of information, stating the status of your network interfaces. At this point, your Ethernet interfaces (eth0, eth1) will not be listed, since you haven't configured them yet. The only interfaces listed should be the loop back interface, and anything else you have already set up.
What we wish to do now is set up each interface. In the case of a single Ethernet card system, issue the following command:
replacing x.x.x.x with your specified IP address. This number is provided by your ISP (Internet service provider). Also change the eth0 to whichever interface you wish the address to be mapped to. Now, run ifconfig as root. You will see the eth0 interface listed, with all the card details and transmission statistics. If you have a second card, issue the same command, this time with eth1 instead of eth0 and the internal network IP address. For your internal network, the addresses should be in the form of 192.168.0.0, with 192.168.1.1 being the machine that is going to host the connection. In other words, all your other machines should be assigned 192.168.1.1, 192.168.1.2, 192.168.1.3, etc. These IP addresses are not publicly routed on the Internet and should not interfere with the outside world.
With the interfaces set up, it's time to set up routing. This may sound complicated, but it is quite easy once you are familiar with the route command. This command controls the flow of data between all network interfaces. The route man page gives complete details of all the intricacies of this command. For now, use this series of commands to configure routing:
route add route add default gw route add -net 192.168.1.0 eth1
Replace the gateway_address flag with your actual gateway machine address, also provided by your ISP. The first two commands tell the machine that the host gateway_address can be accessed directly via the eth0 interface. The third command says that the default route (0.0.0.0, any machine) should be accessed through the gateway gateway_address. The last line indicates that any machine in network 192.168.1.0 can be accessed through the interface eth1. Put these three lines and the ifconfig line above into the startup script, usually found in /etc/rc.d for Slackware or /etc/rc.d/rc.init for Red Hat. Check your documentation for your distribution.
Now set up DNS resolutions by editing the /etc/resolv.conf file to include the following lines:
domain isp.com nameserver nameserver
Replace isp.com with your ISP's domain, and replace x.x.x.x with your ISP's primary name server, and y.y.y.y with your ISP's secondary name server. If you don't have a secondary name server, don't worry, only one is actually needed. After you've added these lines, save the files and reboot.
When your computer is back on-line, you will be able to use your cable modem on the host machine to execute the regular Internet functions such as FTP, TELNET and visiting the WWW.
To effectively share bandwidth between computers without actual IP addresses for each computer, use internal IP addresses as discussed above. The masquerading server forwards packets from each of the client machines to the Internet and relays the packets back to the client machines. This is done quite efficiently, with little noticeable load on the server. A tool called ipfwadm is used to set up “rules” for IP forwarding and denying. The following commands should also be added to one of your startup scripts (see Listing 1), after the ifconfig and route sections:
ipfwadm -F -p deny ipfwadm -F -a M -S 192.168.1.0/24 -D 0.0.0.0/0
The first command tells ipfwadm to change the policy for IP firewalling to deny. The second command is a little more complicated; it instructs ipfwadm to append the commands that follow, which in this case are the M, -S and -D flags. The M adds a masquerade rule, which states that all packets with a source address of 192.168.1.0 and a destination address of 0.0.0.0 (which basically means any host machine) are accepted. The /24 specifies the number of set bits in the netmask. Remember, in binary, you can only have a set or unset bit, and in netmasks, the value is always 255 or 11111111 in binary. You can also replace the 24 with the real netmask, which in this case would be 255.255.255.0. The zero in the -D rule just means that any netmask is allowed. The man page for ipfwadm for more details.
At this point, it is a good idea to restart, run all the scripts and load all the modules. If you don't want to bring the machine down, you can re-run the startup scripts and hope for the best.
|Free Today: September Issue of Linux Journal (Retail value: $5.99)||Sep 27, 2016|
|nginx||Sep 27, 2016|
|Epiq Solutions' Sidekiq M.2||Sep 26, 2016|
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
|The Many Paths to a Solution||Sep 21, 2016|
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- Android Browser Security--What You Haven't Been Told
- Identity: Our Last Stand
- Epiq Solutions' Sidekiq M.2
- The Many Paths to a Solution
- Nativ Disc
- RPi-Powered pi-topCEED Makes the Case as a Low-Cost Modular Learning Desktop
- Real-Time and Linux, Part 2: the Preemptible Kernel
- Eleven SSH Tricks
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide