| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Sep 2010 12:57:48 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: david-b@...bell.net
Cc: netdev@...r.kernel.org, linux@...nbow-software.org
Subject: Re: PATCH: usbnet: doc updates
From: David Brownell <david-b@...bell.net>
Date: Mon, 6 Sep 2010 11:28:48 -0700 (PDT)
> You wouldn't know of a Linux distro that comes
> with a "this box will be a NAT firewall" setup
> option? Ubuntu only has that aftermarket AFAICT.
Just do a bare debian install and put something like the file below in
your /etc/network/interfaces, it's what I use.
eth0 is outgoing, eth1 is internal network. Change eth0 to a dhcp
config if that is what you use.
I also use dnsmasq as the dhcp server for the internal network.
IP addresses variable'ized to protect the innocent :-)
--------------------
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address $(INTERNET_IP)
netmask $(INTERNET_NETMASK)
network $(INTERNET_NETWORK)
broadcast $(INTERNET_BROADCAST)
gateway $(INTERNET_GATEWAY)
dns-nameservers $(INTERNET_DNS_1) $(INTERNET_DNS_2)
allow-hotplug eth1
iface eth1 inet static
address 11.0.0.1
netmask 255.0.0.0
network 11.0.0.0
broadcast 11.255.255.255
up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists