Re: Sharing Limited Internet Connection

Re: Sharing Limited Internet Connection

[/dev/rob0]

On Friday 2005-September-02 12:17, TestMail wrote:
> My ISP said i can only connect 1 PC in my DSL account (is this
> true????).

Lawyers who have no understanding of networking dictate such terms. 
Careful examination might show that they're talking about the physical 
connection ... only one DHCP client, one routable IP address.

Or perhaps they really are that stupid. There's no way they can enforce 
a restriction like that, because by all appearances you would only have 
a single machine connected. (They COULD sniff all your traffic and see 
if you're showing evidence of multiple computers in use, but that's not 
likely to make money for the company, so in reality don't worry.)

But ... if they caught you, they might use it as a means to extort more 
money out of you, so if they are that stupid and your terms don't allow 
NAT sharing of your connection, don't talk about it.

> If it is not true how can i share it using iptables??? 

http://netfilter.org/documentation/HOWTO//NAT-HOWTO.html
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header

Re: Sharing Limited Internet Connection

[Ruprecht Helms]

TestMail wrote:
> Hello List!
> 
> My ISP said i can only connect 1 PC in my DSL account (is this true????). 
> If it is not true how can i share it using iptables???

Configure your gateway as proxy with nat.

Regards,
Ruprecht

------------------------------------------------------------------------------------------
Ruprecht Helms IT-Service & Softwareentwicklung

Tel./Fax  +49[0]7621 16 99 16
Web:       htp://www.rheyn.de

Re: Sharing Limited Internet Connection

[Askar]

All you have to do on your linux gateway
# enable ip forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

#iptables nat rule goes as..
#use snat if you have static ip
iptables -t nat -A POSTROUTING -j SNAT --to xx.xxx.xxx.xx 
# use MASQ if you get dynamic ip
iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE


On client side make this route/gateway machine as default gateway.


hope this will helps.

regards

Askar
On 9/2/05, Ruprecht Helms <rhelms@my-mail.ch> wrote:
> 
> TestMail wrote:
> > Hello List!
> >
> > My ISP said i can only connect 1 PC in my DSL account (is this 
> true????).
> > If it is not true how can i share it using iptables???
> 
> Configure your gateway as proxy with nat.
> 
> Regards,
> Ruprecht
> 
> 
> ------------------------------------------------------------------------------------------
> Ruprecht Helms IT-Service & Softwareentwicklung
> 
> Tel./Fax +49[0]7621 16 99 16
> Web: htp://www.rheyn.de
> 
> 
> 
> 


-- 
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Sharing Limited Internet Connection

[Eduardo Spremolla]

On Thu, 2005-09-01 at 21:39 -0500, /dev/rob0 wrote:
> On Friday 2005-September-02 12:17, TestMail wrote:
> > My ISP said i can only connect 1 PC in my DSL account (is this
> > true????).
> 
> Lawyers who have no understanding of networking dictate such terms. 
> Careful examination might show that they're talking about the physical 
> connection ... only one DHCP client, one routable IP address.

May be they also want to limit the traffic the connection generates.
It's not the best way to do it but , as you sed , they are lawyers.

LALO


Este e-mail y cualquier posible archivo adjunto está dirigido únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. ANTEL no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información.
. . . . . . . . .
This e-mail and any attachment is confidential and is intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. ANTEL is not responsible for any communication emitted without respecting our Information Security Policy.

Re: Sharing Limited Internet Connection

[Tom Sullivan]

>My ISP said i can only connect 1 PC in my DSL account (is this true????).
You'd have to read the user agreement with your ISP to see what the rules 
are for attaching computers to their network.

>If it is not true how can i share it using iptables???

The basics: Your "one" PC can be a Linux box with two NICs; one attached to 
your ISP and the other attached to hub or a switch on the inside of your 
home network.  That box would be your gateway and firewall for the rest of 
the computers on your home network.  If you're very new to Linux and the 
concepts of setting up a home network I would suggest using an "off the 
shelf" solution first, until you get better acquainted with Linux, 
IPTables, and all such related stuff.

There are many off the shelf solutions out there and I'm sure many people 
will suggest a wide range of options.  However, I would suggest IPCop 
[http://www.ipcop.org/] because I know it's pretty simple to set up.  I 
don't run it but I know people who do and they like it.

You can search Google: http://www.google.com/search?hl=en&q=linux+firewalls
and 
SourceForge:  http://sourceforge.net/search/?type_of_search=soft&words=firewall

Good luck with setting up your home network.

V/R,

-TOM

Sharing Limited Internet Connection

[TestMail]

Hello List!

My ISP said i can only connect 1 PC in my DSL account (is this true????). 
If it is not true how can i share it using iptables???

Thank you in advance

Re: Sharing Limited Internet Connection

[David Leangen]

Can somebody please explain something to me?

> # use MASQ if you get dynamic ip
> iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE

What's the difference between using "-o ppp0" and "-o eth0"? Obviously, 
one is using the ppp0 interface while the other is using the eth0 
interface. But in terms of what happens to the packets, what's the diff?

Out of curiosity, I tried both: ppp0 works, while eth0 does not.


Cheers,
Dave

Re: Sharing Limited Internet Connection

[/dev/rob0]

On Friday 2005-September-02 23:19, David Leangen wrote:
> Can somebody please explain something to me?
>
> > # use MASQ if you get dynamic ip
> > iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
>
> What's the difference between using "-o ppp0" and "-o eth0"?
> Obviously, one is using the ppp0 interface while the other is using
> the eth0 interface.

-o specifies the output interface. "-o ppp0" matches packets routed out 
ppp0. I'll leave it as an exercise for the reader to guess which 
packets match "-o eth0".

> But in terms of what happens to the packets, what's the diff?

-o is a matching option, not a target option. The target is the same, 
"-j MASQUERADE".

> Out of curiosity, I tried both: ppp0 works, while eth0 does not.

Not having any idea what your eth0 interface is used for, I cannot 
explain that to you, but I would guess that your default route to the 
Internet uses ppp0.
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header

Re: Sharing Limited Internet Connection

[TestMail]

So if  I implement using this command in iptable
    IPTABLES -t nat  -A POSTROUTING  -o eth1 -j MASQUERADE
Can they still sniff my network if i have multiple connection????

I really appreciate all your reply list!!!

Thanks again in advance!!!!

FYI:
    I'm setting this up in an Internet Cafe