lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Sep 2010 12:57:48 -0700 (PDT) From: David Miller <davem@...emloft.net> To: david-b@...bell.net Cc: netdev@...r.kernel.org, linux@...nbow-software.org Subject: Re: PATCH: usbnet: doc updates From: David Brownell <david-b@...bell.net> Date: Mon, 6 Sep 2010 11:28:48 -0700 (PDT) > You wouldn't know of a Linux distro that comes > with a "this box will be a NAT firewall" setup > option? Ubuntu only has that aftermarket AFAICT. Just do a bare debian install and put something like the file below in your /etc/network/interfaces, it's what I use. eth0 is outgoing, eth1 is internal network. Change eth0 to a dhcp config if that is what you use. I also use dnsmasq as the dhcp server for the internal network. IP addresses variable'ized to protect the innocent :-) -------------------- # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address $(INTERNET_IP) netmask $(INTERNET_NETMASK) network $(INTERNET_NETWORK) broadcast $(INTERNET_BROADCAST) gateway $(INTERNET_GATEWAY) dns-nameservers $(INTERNET_DNS_1) $(INTERNET_DNS_2) allow-hotplug eth1 iface eth1 inet static address 11.0.0.1 netmask 255.0.0.0 network 11.0.0.0 broadcast 11.255.255.255 up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists