This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
To: redhat-list@listman.redhat.com From: "Daniel" <danielh@ids.org.au> Subject: internet connection sharing Date: Tue, 18 Feb 2003 19:58:27 +1100 (EST) Hi, How do i go about building a gateway like windows internet connection sharing in red hat 8. === To: redhat-list@listman.redhat.com From: "Will Mc Donald" <wmcdonald@ntlworld.com> Subject: Re: internet connection sharing Date: Tue, 18 Feb 2003 09:22:52 -0000 The easiest way is probably to install a bare RH server system with two network cards, maybe with an X Window manager of your choice. Assuming you have DSL or cable, get that working using DHCP/PPPoE/whatever with your ISP with one of those network interfaces. Then setup something like gSshield[1], fwbuilder[2], or Guarddog/Guidedog[3] to provide a NATing firewall. gShield is probably the most straightfoward to install and setup I'd say though the other options provide more power and flexibility. Will. [1] http://muse.linuxmafia.org/gshield.html [2] http://www.fwbuilder.org/ [3] http://www.simonzone.com/software/guarddog/ === To: redhat-list@listman.redhat.com From: Dennis Pabalan <demic@pabalan.net> Subject: Re: internet connection sharing Date: Tue, 18 Feb 2003 17:28:03 +0800 Hello! Use a firewall (iptables) to masquearade and enable ip forwarding === To: redhat-list@listman.redhat.com From: Antonio Montagnani <anto.montagnani@virgilio.it> Subject: Re: internet connection sharing Date: Tue, 18 Feb 2003 10:37:00 +0100 I followed the next steps: 1) With Lokkit I set up a maximum security firewall (maybe not the best...) 2) Installed Webmin that allows you to set up/modify new rules in your iptables ... 3) Changed a flag fro 0 to 1 in systcl.conf file that allows masquerading 4) Added a simple rule for masquerading in Webmin firewall rule page This is the required additional line in your iptables file (if you use ppp0 for connection) -A POSTROUTING -o ppp0 -j MASQUERADE === To: redhat-list@listman.redhat.com From: "Edward Dekkers" <edward@tripled.iinet.net.au> Subject: Re: internet connection sharing Date: Tue, 18 Feb 2003 17:43:51 +0800 > How do i go about building a gateway like windows internet connection > sharing in red hat 8. > > Thanks > Daniel http://www.yolinux.com/TUTORIALS/LinuxTutorialNetworkGateway.html There's heaps more to be found on google. You need to search for the words iptables, tutorial or 'how to'. === To: psyche-list@listman.redhat.com From: John Nall <jnall01@alltel.net> Subject: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 12:52:53 -0500 There is something I can't seem to grasp, and so far I have not found the answer. I'm trying to ween myself away from Windows and migrate to Linux (for several reasons) but gosh it sure is not easy to do even when one is determined. How in the world do you accomplish ICS??? With Windows XP I just set up one machine as the one with access to the Internet (through a dial-in modem) using the Network Configuration Wizard. The other two machines (on a 3-machine home LAN) then are set up as having their access through the network. Easy to do, works like a charm. (I am NOT praising Windows, merely observing that it is easy to do this). It is not easy with Linux. With assistance from people here, pointing me to HOWTO's and tutorials, I think that I have managed to get the dial-up machine working OK, but setting up the other two machines to access the Internet through the network seems to be a black hole. Using the Network Configuration tool (from Gnome) on them merely seems to duplicate what I already did when setting up the Ethernet connection. Do they have to know an IP address for a name server?? This takes place at my ISP, so I don't have any way of knowing the IP address for it. As I said, I'm doggedly trying to do this switch over, but it sure is not easy. Sometimes I think that Linux afficionados just take a peverse pride in things being difficult. That way, just everyone and his or her brother can't do it. :-) (If I am honest with myself, I will probably be the same way once I get it down. IF I live long enough). === To: psyche-list@listman.redhat.com From: "Carter, Shaun G" <shaun.carter@eds.com> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:03:33 -0500 Has anyone pointed you here? http://www.justlinux.com/nhf/Networks/Easy_Internet_Sharing.html === To: psyche-list@listman.redhat.com From: Jesse Keating <hosting@j2solutions.net> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 10:08:25 -0800 On Tuesday 18 February 2003 10:03, Carter, Shaun G wrote: > Has anyone pointed you here? > > http://www.justlinux.com/nhf/Networks/Easy_Internet_Sharing.html Ugh, it's outdated if they are pushing the use of ipchains on users. Perhaps somebody should re-vamp the how-to to fit iptables users. === To: psyche-list@listman.redhat.com From: Tommy McNeely <Tommy.McNeely@Sun.COM> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 11:10:22 -0700 BAD NEWS!! DO NOT USE THIS SITE! This was written for linux 2.2 using ipchains.. I suggest you do not use this site .. at least not explicitly.. I am still searching for a decent site that explains this using a recent version of linux. Tommy === To: psyche-list@listman.redhat.com From: "Sergio Durand" <sergio@seb.com.br> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 15:10:08 -0300 for the fast and simple configuration, setup your squid ... and configure clients browsers to use proxy server ... this way is more easy .. now, for a good look configuration, do you need learn iptables (www.netfilter.com or .org... i don't remember..) there're many howtos... with examples... try!! === To: psyche-list@listman.redhat.com From: "Carter, Shaun G" <shaun.carter@eds.com> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:12:11 -0500 Here's more At the Server Add the following line to the /etc/sysconfig/network file: FORWARD_IPV4=yes Add the following to the /etc/rc.d/rc.local file: ipfwadm -F -p deny ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0 Now start them manually from the command line so you don't have to reboot. At the client You have to tell your windows clients to use the Linux server as the gateway. Right-click on the Network Neighborhood icon and select "properties". Select the TCP/IP for your network card. Select "Properties". On the IP Address tab select "Specify an IP address:" radio button. Enter the IP address in the box below. Enter the Subnet Mask. (typically 255.255.255.0) Select the gateway tab. Enter the IP address of your server in the "New gateway" box and press Add. Select the DNS Configuration tab. Select the Enable DNS radio button. Enter the computer name in the "Host" box and the Domain name in the "Domain" box. Enter the DNS server for your ISP in the DNS Server Search Order box and press Add. Press OK to exit the TCP/IP Properties window. Press OK to exit the Network Properties window. Reboot the client. === To: psyche-list@listman.redhat.com From: "Carter, Shaun G" <shaun.carter@eds.com> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:13:00 -0500 yeah, I just noticed that. Sorry, don't ipchains commands work in iptables though? I thought I remembered reading that somewhere. === To: psyche-list@listman.redhat.com From: "Carter, Shaun G" <shaun.carter@eds.com> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:14:11 -0500 ACK, the last email I sent was for ipfwadfm, disregard that one too. Talk about a bad track record today. === To: psyche-list@listman.redhat.com From: Thomas Robinson <tom.robinson@daedaluscompass.com> Subject: Re: Internet Connection Sharing with Linux Date: 18 Feb 2003 18:23:13 +0000 On Tue, 2003-02-18 at 17:52, John Nall wrote: > determined. How in the world do you accomplish ICS??? For the non-windows people; what's ICS? (Internet Connection Sharing???) > I think that I have managed to get the dial-up > machine working OK, You need to specify the gateway computer in windows. That will be the linux computer that does the internet dialling for your network. I'm no expert at windows but I think you need to adjust the network settings so that the gateway is set correctly. That done, you will probably need some sort of NAT on the gateway computer to get to the outside world. That leads to all sorts of other questions like: you want a firewall, right? I could assume that you're running redhat but I'll ask anyway. What distribution of Linux are you running? Red Hat has a firewall you can setup during install. For a dedicated firewall/router you might try Bering which can be found on the LEAF (Linux Embedded Appliance Firewall) website. http://leaf.sourceforge.net/index.php?menu=1 (I've not used Bering but it looks quite good. I've used dachstein which was it's predecessor). These sort of firewalls typically boot from a floppy or CD so you can generally try them out without destroying an existing setup. > but setting up the other two machines to access the > Internet through the network seems to be a black hole. Using the Network > Configuration tool (from Gnome) on them merely seems to duplicate what I > already did when setting up the Ethernet connection. Do they have to know > an IP address for a name server?? This takes place at my ISP, so I don't > have any way of knowing the IP address for it. It would be helpful to know your LAN a bit more. How many systems and what OS's are you running? Is it heterogeneous or homogeneous? When you set up an interface on linux you should also set up the gateway (as you did for windows). This creates a route on the machine to send packets to. On linux the nameserver information goes in /etc/resolv.conf. man resolv.conf will give you a few pointers there. If you don't run BIND then you will need some host resolution through /etc/hosts (man hosts). For more on linux networking try http://www.tldp.org/HOWTO/Net-HOWTO/. Some other commands that you might like to try on the command-line or read the man pages for are: route ifconfig netstat ping traceroute t. === To: psyche-list@listman.redhat.com From: Tommy McNeely <Tommy.McNeely@Sun.COM> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 12:01:57 -0700 John Nall wrote: > There is something I can't seem to grasp, and so far I have not found the > answer. I'm trying to ween myself away from Windows and migrate to Linux > (for several reasons) but gosh it sure is not easy to do even when one is > determined. How in the world do you accomplish ICS??? > > With Windows XP I just set up one machine as the one with access to the > Internet (through a dial-in modem) using the Network Configuration > Wizard. The other two machines (on a 3-machine home LAN) then are set up > as having their access through the network. Easy to do, works like a > charm. (I am NOT praising Windows, merely observing that it is easy to do > this). > > It is not easy with Linux. With assistance from people here, pointing me > to HOWTO's and tutorials, I think that I have managed to get the dial-up > machine working OK, but setting up the other two machines to access the > Internet through the network seems to be a black hole. Using the Network > Configuration tool (from Gnome) on them merely seems to duplicate what I > already did when setting up the Ethernet connection. Do they have to know > an IP address for a name server?? This takes place at my ISP, so I don't > have any way of knowing the IP address for it. > > As I said, I'm doggedly trying to do this switch over, but it sure is not > easy. Sometimes I think that Linux afficionados just take a peverse pride > in things being difficult. That way, just everyone and his or her brother > can't do it. :-) (If I am honest with myself, I will probably be the > same way once I get it down. IF I live long enough). > You are correct. it is not "easy" nor currently "built-in" to RedHat. I followed the FAQs on http://www.netfilter.org .. but that is not nearly as "easy" as checking the little checkbox.. I think RFE's have been filed against this (gnome-lokkit or whatever that default "firewall tool" is), if not they should be :) === To: psyche-list@listman.redhat.com From: "Carter, Shaun G" <shaun.carter@eds.com> Subject: RE: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:51:19 -0500 smoothwall is also very nice. the new beta (2.0.4) is rocksolid. www.smoothwall.org === To: psyche-list@listman.redhat.com From: Dax Kelson <dax@gurulabs.com> Subject: Re: Internet Connection Sharing with Linux (ANSWER) Date: 18 Feb 2003 13:06:55 -0700 On Tue, 2003-02-18 at 10:52, John Nall wrote: > There is something I can't seem to grasp, and so far I have not found the > answer. I'm trying to ween myself away from Windows and migrate to Linux > (for several reasons) but gosh it sure is not easy to do even when one is > determined. How in the world do you accomplish ICS??? Just do the following. 1. Set the your client machines to use the ethernet IP address of your Linux firewall/gateway as their default gateway. This can be done manually on each machine, or you could setup DHCP on your Linux box (see step 4 below) 2. Configure IP masquerading on your Linux box. You said you were using a modem. The following commands will be sufficient: # iptables -F # iptables -t nat -F # iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT # iptables -A INPUT -i ppp0 -j DROP # iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE # service iptables save # echo "modprobe ip_nat_ftp" >> /etc/rc.local # perl -e 's/forward = 0/forward = 1/' -pi /etc/sysctl.conf # echo 1 > /proc/sys/net/ipv4/ip_forward 3. Optionally, setup a caching DNS server on your box for your clients to use. Install RPM package: bind and caching-name server, then run: # chkconfig named on # service named on 4. Optionally, setup a DHCP server. Let's assume that you are using 192.168.69.0/255.255.255.0 as your internal network. Let's assume that your Linux box's ethernet address is 192.168.69.1. Install the RPM package: dhcp Create the file /etc/dhcpd.conf with the following contents: ddns-update-sytle none; subnet 192.168.69.0 netmask 255.255.255.0 { option routers 192.168.69.1; option subnet-mask 255.255.255.0; option domain-name-servers 192.168.69.1; range 192.168.69.100 192.168.69.200; } Then run start the DHCP server and make sure it will run at boot time: # service dhcp start # chkconfig dhcp on Note: I did all this from memory, so you may want check the dhcpd.conf syntax against the man page. I think it's right though. === To: psyche-list@listman.redhat.com From: John Nall <jnall01@alltel.net> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 15:28:55 -0500 At 03:10 PM 2/18/2003 -0300, Sergio Durand wrote: >for the fast and simple configuration, setup your squid ... >and configure clients browsers to use proxy server ... >this way is more easy .. I think that I am beginning to get a glimmer of what my main problem is -- I am not able to translate from Linuxese to English! :-) Setup my squid??? I'm going to have to do some google work and see what is going on. Us old Windows people who are trying to migrate have a long hard row to hoe! (The above should not be interpreted as meaning I am not grateful for the advice. I am, and I will figure out what it says.) Some other notes seemed to have conflicting advice, but I did get some pointers to places to look so will go there and read stuff. Perhaps a stiff drink might help with all this. === To: psyche-list@listman.redhat.com From: "jdow" <jdow@earthlink.net> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:35:16 -0800 From: "Tommy McNeely" <Tommy.McNeely@Sun.COM> > BAD NEWS!! DO NOT USE THIS SITE! > > This was written for linux 2.2 using ipchains.. I suggest you do not use > this site .. at least not explicitly.. I am still searching for a decent > site that explains this using a recent version of linux. Two sites: 1) http://www.netfilter.org/ That's THE authoritative site for IPTables 2) http://ipmasq.cjb.net/ That one has two example firewall and forwarding scripts. Both work. Both are drop ins. Site 2 is perhaps more to the point for this query. Linux NAT is a little harder to set up than XP. Linux folks believe in security. Proper security takes a little more work, sometimes. === To: psyche-list@listman.redhat.com From: Steve <steve@squirrelhunters.com> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 15:47:48 -0600 On Tue, 18 Feb 2003 13:35:16 -0800 "jdow" <jdow@earthlink.net> wrote: > From: "Tommy McNeely" <Tommy.McNeely@Sun.COM> > > > BAD NEWS!! DO NOT USE THIS SITE! > > > > This was written for linux 2.2 using ipchains.. I suggest you do not use > > this site .. at least not explicitly.. I am still searching for a decent > > site that explains this using a recent version of linux. > > > > Tommy > > Two sites: > 1) http://www.netfilter.org/ That's THE authoritative site for IPTables > 2) http://ipmasq.cjb.net/ That one has two example firewall and > forwarding > scripts. Both work. Both are drop ins. > > Site 2 is perhaps more to the point for this query. Linux NAT is a little > harder to set up than XP. Linux folks believe in security. Proper security > takes a little more work, sometimes. try firestarter.sourceforge.net GUI interface - very very easy to setup! === To: psyche-list@listman.redhat.com From: John Dey <jsdey@optonline.net> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 17:51:41 -0500 John: The breath of knowledge to understand and to be able to configure ALL linux programs is tremendous. Like you, I had a similar experience awhile back with a small office network I had been using samba with for years. I got cable and wanted to serve up browsing and email to the other XP clients on the network. I got browsing working but was unable to handle the email configuration. My work depended on getting things up and running quickly. My solution was to ask for help. I agreed to pay an individual that had been helping me anyway but because of my ignorance was taking too long. I allowed him ssh access and he was able to get me up and running quickly. The gentleman is still working with IPTable for me but I have rules in place now that have been working without a hitch. If you would like a reference, let me know off line. In summary: if you don't have access to an unix type individual, you can waste a lot of time and get yourself frustrated with documentation that might turn out to be outdated. My approach may be considered a cop-out by some but it worked for me. === To: psyche-list@listman.redhat.com From: "jdow" <jdow@earthlink.net> Subject: Re: Internet Connection Sharing with Linux Date: Tue, 18 Feb 2003 13:46:24 -0800 From: "Carter, Shaun G" <shaun.carter@eds.com> > yeah, I just noticed that. Sorry, don't ipchains commands work in iptables > though? I thought I remembered reading that somewhere. No. Nor are the two command NAT "solutions" at all secure. They do nothing to protect the NAT machine. The http://ipmasq.cjb.net/ is the best site to which you should refer. "service ipchains stop" "service iptables start" "rpm -e ipchains" Then setup either of the firewall plus NAT scripts on the above site. At that time you can sit back and relax. I placed the command that fills the firewall in the /etc/ppp/ip-up.local command since my connection uses PPPoE. Otherwise it may need to go into /etc/sysconfig/network-scripts/ifup-local and place the iptables script's executation in there. Only if you have a static IP will you really want to place your script where Red Hat places it. (I prefer the added security of throwing actual IP addresses into the iptables scripts rather than merely declaring the interfaces.) === To: psyche-list@listman.redhat.com From: John Nall <jnall01@alltel.net> Subject: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 15:30:22 -0500 Thanks to some people on here I have managed to navigate the underbrush (and trip over a few roots) and finally have Internet Connection Sharing going on my home LAN. I can dial in to the ISP with one and then access the Internet from all three. Which is what I wanted to do. However...one small query, since one thing is so ugly that it doesn't seem like I should be doing it that way. And that has to do with the name resolving by the PC's on the network which have to go through the gateway. Once I have dialed in to the ISP with the gateway system and connected, my /etc/sysconfig/network file on that system magically shows two nameservers for name resolving. They are apparently placed there as part of the activation of ppp0. Well and good. Linux marches on. In order to make the other two systems work, however, I have to manually place the same two IP addresses in their /etc/sysconfig/network file also. It works, yes. But it is ugly, and it is hard to believe there is not a better way to do it. (Also, if the ISP changes those, which I don't know how stable they are, then I will have to change them also). Seems like if the gateway computer has the DNS addresses it could just pass it on to its two buddies. === To: psyche-list@listman.redhat.com From: Jesse Keating <hosting@j2solutions.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 12:38:23 -0800 On Saturday 22 February 2003 12:30, John Nall uttered: > In order to make the other two systems work, however, I have to manually > place the same two IP addresses in their /etc/sysconfig/network file > also. It works, yes. But it is ugly, and it is hard to believe there is > not a better way to do it. (Also, if the ISP changes those, which I don't > know how stable they are, then I will have to change them also). > > Seems like if the gateway computer has the DNS addresses it could just pass > it on to its two buddies. That'll only work if you are using DHCP and specifically pass name servers as part of the DHCP lease. A better solution, configure the dialup PC to run a caching only name server, then point your lan PCs at the dialup PC for a dns server. Works like a charm. === To: psyche-list@listman.redhat.com From: John Nall <jnall01@alltel.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 15:45:18 -0500 At 12:38 PM 2/22/2003 -0800, Jesse Keating wrote: >A better solution, configure the dialup PC to run a caching only name server, >then point your lan PCs at the dialup PC for a dns server. Works like a >charm. OK. I'll start trying to figure out how to do that (run the caching only name server) but if you want to give me a hint it might make it easier. If not, I will eventually figure it out, though. :-) === To: psyche-list@listman.redhat.com From: Jesse Keating <hosting@j2solutions.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 12:52:52 -0800 On Saturday 22 February 2003 12:45, John Nall uttered: > OK. I'll start trying to figure out how to do that (run the caching only > name server) but if you want to give me a hint it might make it easier. If > not, I will eventually figure it out, though. :-) http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/custom-guide/ch-bindconf.html === To: psyche-list@listman.redhat.com From: Stephen Carville <carville@cpl.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 14:10:37 -0800 John Nall wrote: > Thanks to some people on here I have managed to navigate > the underbrush (and trip over a few roots) and finally > have Internet Connection Sharing going on my home LAN. I > can dial in to the ISP with one and then access the > Internet from all three. Which is what I wanted to do. > However...one small query, since one thing is so ugly that > it doesn't seem like I should be doing it that way. And > that has to do with the name resolving by the PC's on the > network which have to go through the gateway. > Once I have dialed in to the ISP with the gateway system > and connected, my /etc/sysconfig/network file on that > system magically shows two nameservers for name resolving. > They are apparently placed there as part of the activation > of ppp0. Well and good. Linux marches on. > In order to make the other two systems work, however, I > have to manually place the same two IP addresses in their > /etc/sysconfig/network file also. It works, yes. But it > is ugly, and it is hard to believe there is not a better > way to do it. (Also, if the ISP changes those, which I > don't know how stable they are, then I will have to change > them also). > Seems like if the gateway computer has the DNS addresses > it could just pass it on to its two buddies. Set up the gateway as a caching nameserver and point your intranet machines to it. http://www.tldp.org/HOWTO/DNS-HOWTO-3.html Don't forget to poke a hole in the firewall for port 53 tcp/udp. === To: psyche-list@listman.redhat.com From: John Nall <jnall01@alltel.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 18:39:35 -0500 At 12:52 PM 2/22/2003 -0800, Jesse Keating wrote: >On Saturday 22 February 2003 12:45, John Nall uttered: > > OK. I'll start trying to figure out how to do that (run the caching only > > name server) but if you want to give me a hint it might make it easier. If > > not, I will eventually figure it out, though. :-) > >http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/custom-guide/ch-bindconf.html OK. Pretty subtle, but I figured it out. :-) Thanks. === To: psyche-list@listman.redhat.com From: toby <tkb9@adelphia.net> Subject: Re: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 18:51:35 -0500 John Nall wrote: > > Thanks to some people on here I have managed to navigate the underbrush > (and trip over a few roots) and finally have Internet Connection Sharing > going on my home LAN. I can dial in to the ISP with one and then access > the Internet from all three. Which is what I wanted to do. > > However...one small query, since one thing is so ugly that it doesn't seem > like I should be doing it that way. And that has to do with the name > resolving by the PC's on the network which have to go through the gateway. > > Once I have dialed in to the ISP with the gateway system and connected, my > /etc/sysconfig/network file on that system magically shows two nameservers > for name resolving. They are apparently placed there as part of the > activation of ppp0. Well and good. Linux marches on. > > In order to make the other two systems work, however, I have to manually > place the same two IP addresses in their /etc/sysconfig/network file > also. It works, yes. But it is ugly, and it is hard to believe there is > not a better way to do it. (Also, if the ISP changes those, which I don't > know how stable they are, then I will have to change them also). > > Seems like if the gateway computer has the DNS addresses it could just pass > it on to its two buddies. pdnsd will do the trick too. http://home.t-online.de/home/Moestl/ === To: psyche-list@listman.redhat.com From: ipv4firewall@netscape.net Subject: RE: DNS query (was Internet Connection Sharing) Date: Sat, 22 Feb 2003 20:40:09 -0500 John Nall <jnall01@alltel.net> wrote: >Thanks to some people on here I have managed to navigate the underbrush >(and trip over a few roots) and finally have Internet Connection Sharing >going on my home LAN. I can dial in to the ISP with one and then access >the Internet from all three. Which is what I wanted to do. > >However...one small query, since one thing is so ugly that it doesn't seem >like I should be doing it that way. And that has to do with the name >resolving by the PC's on the network which have to go through the gateway. > >Once I have dialed in to the ISP with the gateway system and connected, my >/etc/sysconfig/network file on that system magically shows two nameservers >for name resolving. They are apparently placed there as part of the >activation of ppp0. Well and good. Linux marches on. > >In order to make the other two systems work, however, I have to manually >place the same two IP addresses in their /etc/sysconfig/network file >also. It works, yes. But it is ugly, and it is hard to believe there is >not a better way to do it. (Also, if the ISP changes those, which I don't >know how stable they are, then I will have to change them also). > >Seems like if the gateway computer has the DNS addresses it could just pass >it on to its two buddies. Add the name server IPs to the /etc/resolv.conf file on each of the computers. Also see man resolv.conf ===