Re: *STILL* trying to get it to work

[Jeff Licquia <jeff@luci.org>]

[sorry for the late reply...]

Mike Gatton wrote:

> It's now been seven weeks, and the Linux box I intended to use as a
> router to the internet *STILL* ain't working.
>
> But, I'm getting a little closer... I Think.
>
> >From the Linux box, I can ping anything on the net either by name or
> IP number with success. From other computers connected to the local
> network, I can ping neither by IP nor name, however an attempt to ping
> by name *DOES* return the IP number (See below after
> "Pinging www.luci.org [###.###.###.###]")
>
> >From this, I deduce that my DNS is working ok and also that I can
> initiate a dial and connection from another computer on the network.
> However, If I can get this far, why can't I get info from the internet
> to a workstation?
>
> I have assumed that I was 'filtering' out the replys from the internet
> and have opened up (I think) all restrictions. with both diald and
> ipfwadm.
>
> If I stare at that screen any longer, it will become a race as to which
> happend first, my wife leaving me or developing tumors on my eyeballs.
>
> I think I need a better understanding of how 'route' actually works, and
> what other commands I can use to 'see' whats happening.
>
> This is what I see on other computers on the local network:
> ---------------------------------------------------------------------------
>
> C:\WINDOWS>ping www.luci.org
>
> Pinging www.luci.org [207.239.117.253] with 32 bytes of data:
>
> Request timed out.
>
> Request timed out.
>
> Request timed out.
>
> Request timed out.
>
> Ping statistics for 207.239.117.253:
>
>     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
>
> Approximate round trip times in milli-seconds:
>
>     Minimum = 0ms, Maximum =  0ms, Average =  0ms
>
> --------------------------------------------------------------------------
>
> needless to say, browsing is out of the question at present as is
> sending
> and receiving (pop3) eMail.
>
> I think I am missing something at the conceptial level.
>
> Tnkx, Mike.

It looks like you're almost there.

Are you using a local-only (192.168.x.x, 10.x.x.x) IP network?  If so, your
other boxes won't be able to get onto the Internet without some kind of proxy.

There are two ways to get a proxy:

1.  Use Linux's IP masquerade feature.  The quickest way to get that started
is:

ipfwadm -F -a accept -S x.x.x.0/24 -D 0.0.0.0/0 -m

(Substitute your network number for the x's.)

That should get your other boxes pinging.

2.  Set up squid.  Squid is a Web proxy that speeds up Web access.  Check out
squid.nlanr.net for more info.  Red Hat ships squid as of rather recently
(it's in 5.2), and it works out of the box.  Don't know if Caldera does.

Anyway, after squid is up, configure your browsers.  Set the proxy for HTTP,
FTP, and Security to point to your Linux box on port 3128 (that's the default
port squid sets itself up on).

I recommend squid even if you also do masquerade, since squid can speed up
browsing by as much as a factor of two even for single-user dialup, and is
simply a miracle worker on LANs.



--
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.