[Sussex] pppoa

Steve Dobson steve.dobson at syscall.org.uk
Fri Apr 3 14:46:25 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Angus

John Crowhurst wrote:
> On Fri, April 3, 2009 13:25, Angus Robinson wrote:
>> Sorry, at times i do have a problem with what i want to do, in a an
>> email. I am wanting to make the linux box connect to the internet, so
>> the linux box does the authentication and the router would then be in
>> bridge mode. Once that is done, i was planning on setting up a web
>> server, configuring a firewall, etc,etc. Its basicaly for me to get to
>> grips with linux iptables,apache,etc,etc as i am used to ipfw . I hope
>> this helps. <br>
> 
> You don't want to do that, seriously!

I completely agree - this is WAN technology and best left to the ISP
geeks not the likes of us mortals.

iptables is firewall technology.  Personally I use shorewall as the
front end to setting iptables by hand.  I'm always afraid that I'll miss
something if I do it myself.  Personally I think it is best for a
firewall to be a dedicated box - the less software it is running the
less chance it has of being comprised.

You need a Linux box with two or three NICs.  Three if you have more
than one IP address (do Tiscali do multiple IP address for home users?),
two if you only have the one.  Then use port forwarding on the router to
pass the packets from the Internet on to your Linux box.

BTW I've used m0n0wall but I've not used ipfw, but all firewalls do
basicly the same thing in more or less the same way.

Apache is a webserver - am sure you knew that :-).  Port forward 80
(HTTP), 443 (HTTPS) [other common ones are 8080 and 8088] to your Linux
box and you can play just like you want.

The same goes for any other service you want to experiment with.

Hope this helps
Steve


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJ1iE5u7HOw0Q66oERAqgEAJ4sXfKbA2cKArettyhFBWSAcFxbUwCgpxSe
jzGZFpH61jL3bYz7qnWTesw=
=8LTl
-----END PGP SIGNATURE-----



More information about the Sussex mailing list