Professional Web Applications Themes

sharing a DSL connection using FreeBSD-5.3 - FreeBSD

hello every one! i have a freebsd machine which i want to use to share my DSL connection to a LAN. basically, i have tested my FreeBSD-4.10 to connect to my DSL provider which gave me a static IP address. using a setup with one LAN card and correctly setup IP address & settings, I was able to access the Internet painlessly. now, i bought a new LAN card which I will connect to my LAN switch. the old LAN card will be my interface to the WAN (DSL provider). i haven't done anything to share the Internet coz I ...

  1. #1

    Default sharing a DSL connection using FreeBSD-5.3

    hello every one!

    i have a freebsd machine which i want to use to share my DSL
    connection to a LAN. basically, i have tested my FreeBSD-4.10 to
    connect to my DSL provider which gave me a static IP address. using a
    setup with one LAN card and correctly setup IP address & settings, I
    was able to access the Internet painlessly. now, i bought a new LAN
    card which I will connect to my LAN switch. the old LAN card will be
    my interface to the WAN (DSL provider). i haven't done anything to
    share the Internet coz I want to have an idea from you on what are the
    next steps in confguring my FreeBSD to share Internet. i will first
    upgrade my OS to FreeBSD-5.3 which is the latest stable version of
    FreeBSD.

    here's my ifconfig which shows that my newly installed card is
    recognized together with my working LAN card which is currently
    connected to my DSL internet provider.

    %ifconfig
    rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
    ether 00:11:95:26:4e:58
    media: Ethernet autoselect (10baseT/UTP)
    status: no carrier
    dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 210.125.155.126 netmask 0xffffff00 broadcast 210.125.155.255
    inet6 fe80::280:adff:fe00:572c%dc0 prefixlen 64 scopeid 0x2
    ether 00:80:ad:00:57:2c
    media: Ethernet autoselect (100baseTX <full-duplex>)
    status: active
    lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
    inet 127.0.0.1 netmask 0xff000000
    ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
    sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552

    according to some FreeBSD doentations, i need to configure my
    machine as a gateway and use NAT. others also say about using a
    firewall. im concerned on the ease of maintaining the FreeBSD as a DSL
    router. im also concerned on filtered ports or port forwarding which
    may block certain ports such as Yahoo messenger and online games. if i
    use FreeBSD+NAT+firewall, would Windows clients that runs on specific
    ports (i.e. YM and online games) still be able to work? before, i used
    WinRoute and WinGate but there are instances when I can't get to work
    certain applications due to the limitations of the gateway.

    does anyone here can show me the steps I need to follow to be able to
    setup a FreeBSD-based DSL internet sharing server which is easy to
    maintain, fast and secured?

    thank you very much!
    -edwin

    P.S.

    I love FreeBSD!

    --
    --
    Edwin D. Viņas
    http://www.geocities.com/edwin_vinas/
    IN THE WORLD OF SCIENCE,
    NOTHING IS IMPOSSIBLE.
    --
    Edwin Guest

  2. #2

    Default RE: sharing a DSL connection using FreeBSD-5.3

    org wrote: 

    Edwin, did you post here a few days ago as Cheezy Vines? If so, several
    people posted suggestions to you to fix the problem, did you get these?

    Ted
    Ted Guest

  3. #3

    Default Re: sharing a DSL connection using FreeBSD-5.3

    On Mon, 14 Mar 2005, Edwin D. Vinas wrote:
     

    [snip]
     

    You don't HAVE to do any of these things, although since your subject
    line says "sharing a DSL connection", NAT is sort of implied. Here is
    what each thing does; decide for yourself if you need it.

    - Making this machine a gateway means that your "inside" machines can
    all connect through it, i.e. you'd set this machine's inside IP (the one
    you'll configure for rl0) as their default router. In this scenario, the
    inside machines may or may not have public routable IP addresses. If
    they do, and you don't run a firewall, they are on their own for
    security.

    - NAT allows many "inside" machines to share one "outside" IP address,
    so you can have Internet connectivity from all your machines even though
    you only have one public IP address. NAT makes no sense unless your BSD
    machine is also a gateway. But still, if you don't run a firewall, the
    inside machines are on their own for security.

    - A firewall is not required for functionality, but most people (myself
    included) think it's a good idea. Ipfw, ipf and pf are all packet
    filters - they allow you to configure what connections will be
    permitted, based on IP address and port number among other criteria.

    In any event, you will need configure rl0 for your internal address
    space. Assuming NAT, i.e. you only have one public IP, you will need to
    decide what your internal address space will be, and configure your
    internal machines (and rl0 on the gateway!) accordingly. Per RFC1918,
    your choices are

    10.0.0.0 - 10.255.255.255 (10/8 prefix)
    172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    These are officially reserved address spaces that most upstream routers
    will never send out to the public Internet. (see
    http://www.faqs.org/rfcs/rfc1918.html)
     

    It's pretty straightforward. Set it up as you see fit, see if everything
    you need to do works. If it doesn't, open up the necessary port(s) and
    try again. If it were me, I'd set it up *for a limited time* with no
    firewall, just to make sure the gateway works (i.e. I can connect from
    an inside machine). Once that's established, I'd start dinking with the
    firewall - start with all ports blocked, then open ports up one by one
    until everything I need works.
     

    If you block those ports, they won't work. If you need these things to
    work, and accept any security risks, open those ports on the firewall.

    HTH.

    --
    Chris Hill org
    ** [ Busy Expunging <|> ]
    Chris Guest

  4. #4

    Default Re: sharing a DSL connection using FreeBSD-5.3

    For PF , try:

    http://www.section6.net/help/pf.php

    For IPF, try :

    http://www.section6.net/help/nat.php

    Hope this helps,

    T
    ----- Original Message -----
    From: "Edwin D. Vinas" <com>
    To: <org>
    Sent: Sunday, March 13, 2005 6:05 PM
    Subject: sharing a DSL connection using FreeBSD-5.3


    hello every one!

    i have a freebsd machine which i want to use to share my DSL
    connection to a LAN. basically, i have tested my FreeBSD-4.10 to
    connect to my DSL provider which gave me a static IP address. using a
    setup with one LAN card and correctly setup IP address & settings, I
    was able to access the Internet painlessly. now, i bought a new LAN
    card which I will connect to my LAN switch. the old LAN card will be
    my interface to the WAN (DSL provider). i haven't done anything to
    share the Internet coz I want to have an idea from you on what are the
    next steps in confguring my FreeBSD to share Internet. i will first
    upgrade my OS to FreeBSD-5.3 which is the latest stable version of
    FreeBSD.

    here's my ifconfig which shows that my newly installed card is
    recognized together with my working LAN card which is currently
    connected to my DSL internet provider.

    %ifconfig
    rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
    ether 00:11:95:26:4e:58
    media: Ethernet autoselect (10baseT/UTP)
    status: no carrier
    dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 210.125.155.126 netmask 0xffffff00 broadcast 210.125.155.255
    inet6 fe80::280:adff:fe00:572c%dc0 prefixlen 64 scopeid 0x2
    ether 00:80:ad:00:57:2c
    media: Ethernet autoselect (100baseTX <full-duplex>)
    status: active
    lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
    inet 127.0.0.1 netmask 0xff000000
    ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
    sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552

    according to some FreeBSD doentations, i need to configure my
    machine as a gateway and use NAT. others also say about using a
    firewall. im concerned on the ease of maintaining the FreeBSD as a DSL
    router. im also concerned on filtered ports or port forwarding which
    may block certain ports such as Yahoo messenger and online games. if i
    use FreeBSD+NAT+firewall, would Windows clients that runs on specific
    ports (i.e. YM and online games) still be able to work? before, i used
    WinRoute and WinGate but there are instances when I can't get to work
    certain applications due to the limitations of the gateway.

    does anyone here can show me the steps I need to follow to be able to
    setup a FreeBSD-based DSL internet sharing server which is easy to
    maintain, fast and secured?

    thank you very much!
    -edwin

    P.S.

    I love FreeBSD!

    --
    --
    Edwin D. Viņas
    http://www.geocities.com/edwin_vinas/
    IN THE WORLD OF SCIENCE,
    NOTHING IS IMPOSSIBLE.
    --


    Thomas Guest

Similar Threads

  1. Internet Connection Sharing -- ICS
    By Steve in forum Windows Networking
    Replies: 0
    Last Post: July 18th, 04:08 AM
  2. net connection sharing
    By Mosley in forum ASP
    Replies: 0
    Last Post: July 9th, 03:48 AM
  3. Sharing dial up connection
    By Chris Kackley in forum Windows Networking
    Replies: 0
    Last Post: July 6th, 07:12 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139