Inhaltsverzeichnis
Linux Networking Tips
Internet Connection
Wireless
Wired with DSL Router
The DSL Router usually sets up the internet connection with PPPOE. This means, on your computer you just have to enable DHCP with netconfig. Thats all.
With Dsl Modem
Backup:
cp -a /etc/ppp /etc/ppp.org'' cp /etc/resolv.conf /etc/resolv.conf.org
setup command (as root): pppoe-setup (was till Slack10.0 adsl-setup) :
PPPoE user name: frn6/stbeckert # Freenet Ethernet Interface: eth0 Activate-on-demand: 180 # yes; idle timeout = 180 seconds DNS addresses: server # Supplied by ISP's server PPPoE password: ? # Provided by ISP Firewalling: 0 # = NONE : No firewall
Die Einstellungen kann man nachträglich noch in /etc/ppp/ppoe.conf ändern.
Put pppoe-start into rc.local
At the first connection there is no resolv.conf, so a ping to e.g web.de won't start the demand-connection. Do a ping to an IP, eg 217.72.195
With analog Modem
- ISP example: knuut
Doc pppsetupwith usepeerdns demand debug
To add another ISP later, add username & password to /etc/ppp/pap-secrets (or chap-secrets):
# Username Server Password IP addresses "knUUt" * "knUUt" "smart91" * "surfen" "avisgo" * "avisgo"
Then adjust the phone number of the ISP in /etc/ppp/pppscript at the line OK atdtXXXXXX„
And finally change the name entry in /etc/ppp/options or options.demand to the username provided by the ISP, eg: name „knUUt“
Firewall setup
Create /etc/rc.d/rc.firewall and make it runnable. Thus rc.firewall will be called automatically by rc.inet2 (which is called by rc.M which is usually called at boot time).
#!/bin/sh # Information sources: # [1] Masquerading-Simple-HOWTO # [2] man iptables ODEV=ppp0 # LOAD KERNEL MODULES # ipt_MASQUERADE it will load ip_tables, ip_conntrack and iptable_nat. [1] # If the kernel is configured with automatic module loading, an attempt will be # made to load the appropriate module for that table [2] #modprobe ipt_MASQERADE # FLUSCH IPTABLES (empty chains, does not reset the policy) iptables -F # -t filter ist the default iptables -t nat -F iptables -t mangle -F # FIREWALL: # allow any existing connections, or anything related (e.g. ftp server # connecting back to you) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # allow new connections only from our intranet (localhost / internal network). # The ! $ODEV means anything but external device (important also for loopbak) iptables -A INPUT -m state --state NEW -i ! $ODEV -j ACCEPT # Default policy: deny everything else: iptables -P INPUT DROP # necessary ??? # mal nachgucken, ob sich die Ausgabe von iptables -L mit & ohne diesem Befehl # unterscheidet: iptables -A FORWARD -i $ODEV -o $ODEV -j REJECT # MASQUERADING # In der NAT-Tabelle (-t nat) eine Regel fuer alle ueber das Internet- # Device (-o) ausgehenden Pakete, die maskiert werden sollen, hinter dem # Routing (POSTROUTING) anhaengen (-A). iptables -t nat -A POSTROUTING -o $ODEV -j MASQUERADE # Definitions: # There are 3 tables: filter (default), nat, mangle # A table contains chains (built in or user defined) # A chain is a list of rules and a policy # A rule specifies packet criteria and a target # A target can be ACCEPT, DROP, user-defined chain, MASQUERADE, REJECT, ... # # General: (simplyfied) # The first rule in the chain with matching packet criteria sends the packet to its rule-target. # If the end of a built-in chain is reached, because no rule matched the chain policy treats the packet. # # Overview: # Table: # Chain: # filter # INPUT packets coming into the box itself # FORWARD packets being routed through the box # OUTPUT locally-generated packets # nat # PREROUTING altering packets as soon as they come in # OUTPUT altering locally-generated packets before routing # POSTROUTING altering packets as they are about to go out # mangle # ...
Check, if this is the same as in my old homepage