/[gentoo]/xml/htdocs/doc/en/home-router-howto.xml
Gentoo

Diff of /xml/htdocs/doc/en/home-router-howto.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.3 Revision 1.4
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.3 2004/07/22 16:09:18 vapier Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.4 2004/07/22 21:17:35 vapier Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4 4
5<guide link="/doc/en/home-router-howto.xml"> 5<guide link="/doc/en/home-router-howto.xml">
6 6
7<title>Home Router Guide</title> 7<title>Home Router Guide</title>
100 Interrupt:10 Base address:0x9400 100 Interrupt:10 Base address:0x9400
101</pre> 101</pre>
102<p> 102<p>
103If you do not see your two cards showing up and you're not sure what 103If you do not see your two cards showing up and you're not sure what
104kind of cards you have, try running <c>lspci</c>. You can get that from 104kind of cards you have, try running <c>lspci</c>. You can get that from
105<c>emerge sys-apps/pciutils</c>. Look for "Ethernet controller" in the 105<c>emerge pciutils</c>. Look for "Ethernet controller" in the output.
106output. Once you have this information, go into your kernel and add 106Once you have this information, go into your kernel and add support for
107support for the correct drivers. 107the correct drivers.
108</p> 108</p>
109 109
110<p> 110<p>
111The next thing you'll need is support for iptables and NAT (and packet 111The next thing you'll need is support for iptables and NAT (and packet
112shaping if you want). The following list is split up into required 112shaping if you want). The following list is split up into required
113(*), suggested (x), and shaper (s) features. It does not matter whether 113(*), suggested (x), and shaper (s) features. It does not matter whether
114you build the features into the kernel or as a module so long as when 114you build the features into the kernel or as a module so long as when
115the feature is need, the correct module(s) are loaded (module loading 115the feature is needed, the correct module(s) are loaded (module loading
116is left to the reader as a fun exercise however). 116is left to the reader as a fun exercise however).
117</p> 117</p>
118<pre caption="Network Options"> 118<pre caption="Network Options">
119<i>Networking options ---&gt;</i> 119<i>Networking options ---&gt;</i>
120<i> [*] TCP/IP networking</i> 120<i> [*] TCP/IP networking</i>
214<section> 214<section>
215<title>Cable and/or dynamic/static IP</title> 215<title>Cable and/or dynamic/static IP</title>
216<body> 216<body>
217 217
218<p> 218<p>
219If you have a static IP then you will need the few more details than if 219If you have a static IP then you will need a few more details than if
220you have a dynamic IP. For static users, you will need your IP, 220you have a dynamic IP. For static users, you will need your IP,
221gateway, and DNS servers. 221gateway, and DNS servers.
222</p> 222</p>
223 223
224<pre caption="Setting up eth1"> 224<pre caption="Setting up eth1">
360 360
361<p> 361<p>
362Well that was quick, but what did we do? The great thing is, we didn't 362Well that was quick, but what did we do? The great thing is, we didn't
363have to do very much! You're welcome to choose other DNS servers if 363have to do very much! You're welcome to choose other DNS servers if
364you're more comfortable with them, but the reason dnsmasq is great is 364you're more comfortable with them, but the reason dnsmasq is great is
365because it was designed to do exactly what we want it for. It's a 365because it was designed to do exactly what we want and nothing more.
366little DNS caching/forwarding server for local networks. We're not 366It's a little DNS caching/forwarding server for local networks. We're
367looking to provide our own DNS server here, just offer simple DNS 367not looking to provide DNS for our own domain here, just offer simple DNS
368services to everyone else on our LAN. 368services to everyone else on our LAN.
369</p> 369</p>
370 370
371</body> 371</body>
372</section> 372</section>
373 373
374<section> 374<section>
375<title>NAT</title> 375<title>NAT (a.k.a. IP-masquerading)</title>
376<body> 376<body>
377 377
378<p> 378<p>
379At this point, people on your network can talk to each other and they 379At this point, people on your network can talk to each other and they
380can look up hostnames via DNS, but they still can't actually connect to 380can look up hostnames via DNS, but they still can't actually connect to
496If you have other common / cool examples, please <uri link="mailto:vapier@gentoo.org">e-mail me</uri>. 496If you have other common / cool examples, please <uri link="mailto:vapier@gentoo.org">e-mail me</uri>.
497</note> 497</note>
498</body> 498</body>
499</section> 499</section>
500 500
501<!--
501<section> 502<section>
502<title>Traffic Shaping</title> 503<title>Traffic Shaping</title>
503<body> 504<body>
504<p> 505<p>
506TODO
505</p> 507</p>
506</body> 508</body>
507</section> 509</section>
510-->
508 511
509<section> 512<section>
510<title>Identd (for IRC)</title> 513<title>Identd (for IRC)</title>
511<body> 514<body>
512<p> 515<p>
531 534
532<section> 535<section>
533<title>Mail Server</title> 536<title>Mail Server</title>
534<body> 537<body>
535<p> 538<p>
539Sometimes it's nice to run your own Simple Mail Transfer Protocol (SMTP)
540server on the router. You may have your own reason for wanting to do so,
541but I run it so that the users see mail as being sent instantly and the
542work of retrying/routing is left up to the mail server. Some ISPs also
543don't allow for mail relaying for accounts that aren't part of their
544network (like Verizon). Also, you can easily throttle the delivery of
545mail so that large attachments won't seriously lag your connection for
546half an hour.
547</p>
548
549<pre caption="Setting up SMTP">
550# <i>emerge qmail</i>
551<comment>make sure the output of `hostname` is correct</comment>
552# <i>ebuild /var/db/pkg/*-*/qmail-1.03-r*/*.ebuild config</i>
553# <i>iptables -I INPUT -p tcp --dport smtp -i ! eth1 -j REJECT</i>
554# <i>ln -s /var/qmail/supervise/qmail-send /service/qmail-send</i>
555# <i>ln -s /var/qmail/supervise/qmail-smtp /service/qmail-smtp</i>
556# <i>cd /etc/tcprules.d</i>
557# <i>nano tcp.qmail-smtp</i>
558<comment>Add an entry like so to the allow section:
559192.168.0.:allow,RELAYCLIENT=""</comment>
560# <i>tcprules tcp.qmail-qmtp.cdb rules.tmp &lt; tcp.qmail-smtp</i>
561# <i>rc-update add svscan default</i>
562# <i>/etc/init.d/svscan start</i>
563</pre>
564
536</p> 565<p>
566I'm a huge fan of qmail, but you're free to use a different mta :).
567When you setup e-mail on the hosts in your network, tell them that
568their SMTP server is 192.168.0.1 and everything should be peachy.
569You might want to visit the <uri link="http://qmail.org/">qmail
570homepage</uri> for more documentation.
571</p>
537</body> 572</body>
538</section>
539
540<section> 573</section>
541<title>HTTP Proxy</title> 574
542<body> 575<!--
543<p>
544</p>
545</body>
546</section> 576<section>
577<title>E-mail Virus Scanning</title>
578<body>
579<p>
580If you'd like to provide e-mail virus scanning for your users, but
581don't want to have to install a virus scanner on every single machine,
582then <c>pop3vscan</c> may just be the thing for you; a transparent
583Post Office Protocol (POP) scanner.
584</p>
547 585
586<pre caption="Setting up pop3vscan">
587TODO
588</pre>
589
590</body>
548<section> 591</section>
549<title>POP Scanning</title> 592-->
550<body>
551<p>
552</p>
553</body>
554</section>
555 593
556</chapter> 594</chapter>
557 595
596<chapter>
597<title>Final Notes</title>
598<section>
599<body>
600<p>
601I have no final notes other than if you experience any troubles with the guide,
602please contact <mail link="vapier@gentoo.org">me</mail> or file a bug with
603<uri link="http://bugs.gentoo.org/">Gentoo's Bugtracking Website</uri>. If
604you have some interesting bits you think would enhance this guide, by all means
605send it my way for inclusion.
606</p>
607</body>
608</section>
609</chapter>
558</guide> 610</guide>

Legend:
Removed from v.1.3  
changed lines
  Added in v.1.4

  ViewVC Help
Powered by ViewVC 1.1.20