In article <user-0DEFDC.09574715082003scream.auckland.ac.nz>,
Peter KERR <userhost.domain> wrote:
Many things are possible, but unless you create an isolated network that> I haven't yet found a reasonable description of the mechanism, beyond
> the dire warnings of what it might do to your network, and the simple
> instructions to turn it ON or OFF.
> My situation is on a LAN with full campus management of subnets and
> firewalling, and volume based metering of traffic per IP number.
> Computers have different levels of access to the world, some have none,
> and all with traffic loading potential are "registered" to a real
> person. This is for billing any excess traffic over quota, and for
> tracking virus, intrusion, etc incidents.
> I have minor admin rights over our local subnet. Often I find myself at
> a machine with blocked access, but I want to check a distant web page,
> or download software.
> So, can I share my desktop IPnr (MacOS 10.2.6) with just a few specified
> clients, or would it be easier to run a proxy server on my machine?
only connects to your Mac via a 2nd ethernet card or maybe an Airport, I
would advise against enabling IP sharing on your Mac.
The general idea of internet sharing is that one ethernet port on your
Mac or your modem is connected to an internet service provider. Via a
separate networking port, your Mac is also connected to a local network
(like some attached systems in your home, or in a small office). None
of these other systems are connected in anyway to the ISP (where ISP in
this case is your campus network).
When you enable IP sharing, the Mac will use the IP addresses 10.*.*.*
for your private little network. The network addresses 10.*.*.* and
192.168.*.* are reserved for private networks and are not allowed on the
Internet because they are not unique. In fact there are most likely
several 100 thousand or milliions of systems out there with IP addresses
of 10.0.1.2 and 192.168.0.2 all sitting on private networks.
The router (in this case your Mac) will setup a NAT server that takes
requests from your private systems and changes their IP address to its
own IP address and assigns it a unique IP port number when it sends the
request out to the internet via the ISP. When responses come back to
that port number, the NAT server will change the request back to the
originating sytsems IP address and originating port number and route the
reply back to the originating system.
Because the system your Mac is sharing its IP address with, have private
network IP addresses, these systems can not be sitting on anything that
is directly connected to the internet as those private IP addresses
would cause problems in general.
So I suspect that for your setup, you do not have a private little
network with your Mac acting as the router, so you should not enable
Ineternet sharing on your Mac.
Now you may be able to get what you want by using a port forwarding
server on your Mac, or running a VNC server on your Mac and a VNC client
on the other systems you visit.