Hello, first post here. I was wondering if anyone had a tutorial or an out of box distro that would make a great desktop, and at the same time emulate the Windows "Internet Connection Sharing" (ICS). I understand that all it does is create something like a NAT router, I just don't know how to set it up in Linux. I thought I found what I needed on an IPchains/IPtables tutorial, but I really didn't understand it all that well. I'm not completely new to linux, I know my way around a little, but I'm still pretty new to a lot of the concepts.

If anyone knows of a distro that has it out of box, and it's debian based (I really like the packaging system.. what can I say?), I'd really love to know about it. But if someone can help me set it up, I'd be more than greatful.. Thanks!

What kind of network setup are you trying to set up (i.e., how many computers?, what version of windows on other computer?)

*debated if you woulda needed that.. *

anyways, it's a rather small network, just in this house.. the only problem is, my workstation happens to also be the gateway. The other machines in the house either run Windows 98 or Windows 2000 (two of each), there's a file server that runs XP Pro, and then there's this one that's currently an XP Pro machine. Didn't think it'd matter much though...

My workstation is the Gateway to the internet, because it's the only computer that has two nics, one connected to my cable modem, the other connected to a switch. Woulda shoulda coulda made the fileserver the Gateway, but between the raid controllers, and the sound card (machine's used to play/stream audio), there's just no room for a second ethernet adaptor... (small form factor computer)

It'd also be great to set up a caching proxy server on this machine, but that may be pushing it. For now I'd be very greatful with just the DHCP server and some kind of routing table.

[Everything inhouse is 192.168.0.x, this machine x=1, file server x=10, brother and mom's workstation x=21 and 22 (Windows 98 for compatibility...), and my sisters laptop and desktop x=31 and 32 (Windows 2000 for college). pretty simple, straight forward network]

OK, let me get this straight...

2 Win 98 Workstations
2 Win 2k Workstations
1 Win XP Pro File Server
and 1 Win XP Pro Workstation (your workstation and also the internet gateway)

Is your computer connected to a NAT router (usually referred to as a switch), or just a simple hub?

Just an 8 port, 10 megabit hub/switch thing. I don't really know much about it.. It's from Transition Networks and it says Pocket Hub-8 on it. It has a switch that makes it a "switch".. otherwise it'd be a 7 port hub with one uplink port..

But yes, you did get the physical network right.

Sounds like you have a typical hub.

This is what I would do if I were you...

Instead of trying to build yourself a linux gateway, you should get yourself a firewall router.

It's a straightforward, no hassle solution.

I use the 'Linksys Firewall Router', which I obtained for approx. $100 USD.

The modem connects to the router, and all the computers are connected on the other side. You can even use your hub behind the router without problem.

Since the router is a hardware firewall, no need to worry about someone hacking your OS.

The router also acts as a DHCP server with NAT.

The router does all the work. :-)

Or, alternatively, if you already have the hardware...

Here's a firewall script that'll do the NATing thang (set it to run at bootup by putting a reference to it in /etc/rc.local):

I considered this solution also, but that keeps this machine from serving my Internet Radio Station and my website.. I need exactly the solution that I proposed...

That script might work.. but how do I use it exactly.. I kinda understand.. but I dont see that file anywhere (I'm a debian/Knoppix guy if that helps..), and I don't know how to create it and get all the permissions right. Help?

(btw.. i think i've seen a script like that before in a tutorial..)

It is possible to run these services with a router by utilizing the DMZ (demilitarized zone). It is quite common to run apache web servers in the DMZ, while keeping other computers behind the firewall.

Well, to use the script....

Simply append the text in the file to the current /etc/rc.d/rc.local file.

The file should already be set as executable.

The above location is the Slackware scheme, I don't know about Debian, though.

Thanks very much.. I'll just find out where to put that file and I should be set. Thanks everyone! ;)

I also forgot to mention that you should read through the text file and make sure that all of the paths are correct for your current setup before appending it to rc.local.

Umm... Check either /etc/init.d or /etc/rc.d (I think...?) for a file called S99local. That's the Debian equivalent of the rc.local.

I'll get back to you on the port-forwarding (eg. forwarding port 80 to the machine with the webserver on it, etc).