A Heterogeneous Linux/Windows 95 Home Network

 in
Share resources such as printers, CD-ROM drives and data connections to the Internet.
IP Masquerade Installation—Reaching the Outside World

I have a PPP account at my school that assigns an IP address each time I connect through the ppp0 device, which is my default gateway.

To enable machines behind the firewall to communicate with the outside world, you can install IP masquerade. This requires support for the firewall to be built into the kernel. Detailed instructions on how to recompile your kernel with IP firewall support is in the IP-masquerade HOWTO (www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html), available at the LDP (Linux Documentation Project) site. The Red Hat's 5.0 kernel has this support already compiled in. You need to enable IP forwarding on the firewall machine serrano. On Red Hat, this is done by setting FORWARD_IPV4=yes in the /etc/sysconfig/network file and restarting network services. Then execute

ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0

as root, or place these commands in your /etc/rc.d/rc.local file for automatic execution. For explanation of the commands, read the IP-Masquerade-HOWTO.

You can play with the ipfwadm command to selectively grant access to the machines on your network to the outside world. Once this is done, you can open a DOS window on your Windows 95 machine and ping a machine on the Internet. If this works, you can access any machine on the Internet from any machine on your network. To the outside machines, all of the TCP/IP packets will appear to come from your firewall machine.

Configuring the Linux Client

The Linux client (piquin, 192.168.1.100) should be set up with the server 192.168.1.1 as its default gateway. This is done with the route command

route add -net default gw 192.168.1.1

File sharing between two Linux machines is done easily with NFS. The NFS dæmon, nfsd, is usually started at boot time. We would like to make directories on serrano available to other Linux clients via NFS. To do this, specify the directories to be exported in the /etc/exports file. I have the following /etc/exports files on serrano:

/home           jalapeno(rw) piquin(rw)
/home/easwaran  jalapeno(rw) piquin(rw)
/mnt/cdrom      jalapeno(rw) piquin(rw)
This allows the /home, /home/easwaran and /mnt/cdrom to be exported to jalapeno and piquin, with read and write permission. Reboot the machine after you modify this file, or use these two commands:
kill -HUP rpc.nfsd
kill -HUP rpc.mounted
On the Linux client, piquin, one needs to edit the /etc/fstab file to enable mounting of remote directories. On piquin, the /etc/fstab file has this entry:
serrano:/home/easwaran /home/easwaran/serrano\
nfs defaults,rw,user,noauto 1 1
This command allows any user to mount /home/easwaran from serrano on piquin as the directory /home/easwaran/serrano. If auto is used instead of noauto, this remote directory would be automatically mounted at boot time. To mount this NFS directory manually, type mount /home/easwaran/serrano. In this case, because the directory mount point is easwaran's home, easwaran can use the mounted directory as can anyone with permissions to easwaran's subdirectory, serrano. easwaran has read and write permissions on /home/easwaran/serrano.

Linux Remote Printing

To enable the client Linux machine piquin to print on serrano, we need to configure the lp print dæmon lpd. See the Printing-HOWTO (/usr/doc/HOWTO/Printing-HOWTO.gz or visit LDP) for additional documentation and alternatives to lp. On serrano, create an /etc/hosts.lpd file listing the machines allowed to print on it. I added piquin to this file.

Printing with lpd is controlled via the /etc/printcap file. On serrano, the file looks like this:

# /etc/printcap file
lp|dj:\
        :sd=/var/spool/lpd/lp:\
        :mx#0:\
        :sh:\
        :lp=/dev/lp1:\
        :if=/var/spool/lpd/lp/filter:

lp and dj are names for the printer; sd is the spool directory; the mx line means there is no maximum size for files printed; sh suppresses headers; lp is the actual line printer device; and if is a magic filter shell script that deals with staircase effects when printing text files and other special processing that files need. On Red Hat Linux, the control panel has a print configuration tool that allows easy configuration of printers.

On piquin, the /etc/printcap file should look like this:

lp|dj:\
      :sd=/var/spool/lpd/dj:\
      :rm=serrano:\
      :rp=lp:\
      :lp=/dev/null:\
      :sh:

rm defines a remote machine; rp defines the name of the remote printer; and sd is the local spool directory. Make sure the spool directory exists. After making changes to the /etc/printcap file, restart the lpd dæmon or reboot. Now, if you print on piquin, it should appear on the printer attached to serrano.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix