Hiya,

I am trying to share an ADSL connection with a block of 5 real IP address's assigned to me by my ISP.

I have a Mandrake 8.2 box with a working ADSL conection and an ethernet card in connected to a switch with 2 windows xp machine also connected to the switch.

I have set up the ethernet card in the linux box with one of the 5 real ip's and set its gateway to the address of the adsl conection (static ip from zen), I have turned on ip_forward and played around with some other settings but I cant get the windows xp machines to see the internet.... They can see the linux box and the box can see them (btw I have set the windows machines up with static ip's using the linux box ethernet card ip as the gateway ip...) :confused:

Can Anyone point me in the direction of a helpfull web page or tool that might do the trick or offer any sage words of advice.....

Thanks in advance, Nick.:)

I'm not sure I understand exactly what your setup is.
What type of connection do you have to your ADSL? Is it another ethernet card?
If so, are the IP addresses on on both ethernet cards on the same IP subnet?

Well unfortunately the quick answer is you can't.

The only thing real ip's should be needed for is to allow other devices/pc's on the internet to connect directly to your pc's inside your network. usually this is not a good idea. you can use one of the ip's on a linux box and use it as a firewall and router to route traffic to the other pc's that are internal to your network and put them on a private ip space. if you needed one of the other pc's to run a particular service then you would forward that port to the appropriate pc. and you can even multinet the external nic to have all five ip's on it so ports could be forwarded to all the pc's from all the ip's.

The other way to get this to work which I highly recommmend you don't but it is the easiest way would be to connect the adsl to a hub then everyone just uses one of the public ip's but in this case you have no firewall protection at all. that is the only way to allow the pc's inside the network to use the public ip's unless you wanted to try to set up a transparent firewall which I'm not even positive that linux can do and if it could would not be easy.

Do you have to login to get the ip?? Or do you have a block of fixed ips on a /29 subnet?? If they're fixed then that is bridged adsl. You can then use proxy-arp for public ips, or ip-aliasing with port forwarding for private. Or both, AKA DMZ? Do you want your protected machines to have public or private ips?? The combos are up to you, what do you want to pull off??

have a look, search on proxy-arp at:
http://www.shorewall.net

Thanks for all the advice guys.

I have had a look at shorewall and proxy-arp and it seems like I can do what I want to do :) I am sure I will be back though when it all goes wrong ;)