Linux-Noob Forums

Full Version: proxy/filter/networking
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4

Quote:ports 1-4 are the switch on your router.

 

The DSL part is the phone point that connects out to the world.

 

(I think...)
 

ISP-Box(contects to phoneline for outside world)(gives an ip to router wan port via LAN1 in isp box)--> (192.168.1.1)(1 2 3 4), 1 connected to my nic(ip1:192.1.1.2) connected to nic(ip2:10.0.0.1) but how does it get rerouted to ports 2 3 4+wlan so that my pc acts as a proxy.

 

 

What you said about two ip's on one network card s done like this right?

Quote:<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="15351" data-ipsquote-username="Dungeon-Dave" data-cite="Dungeon-Dave" data-ipsquote-timestamp="1320321145" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="4186" data-ipsquote-contentclass="forums_Topic"><div>
ports 1-4 are the switch on your router.

 

The DSL part is the phone point that connects out to the world.

 

(I think...)
 

ISP-Box(contects to phoneline for outside world)(gives an ip to router wan port via LAN1 in isp box)--> (192.168.1.1)(1 2 3 4), 1 connected to my nic(ip1:192.1.1.2) connected to nic(ip2:10.0.0.1) but how does it get rerouted to ports 2 3 4+wlan so that my pc acts as a proxy.

okay - it looks like you're running two networks together already - I think we need a network diagram to clarify this.

 

What you said about two ip's on one network card s done like this right?



</div></blockquote>

Current Setup

 

[Image: hand-sketch2.jpg]

 

 

This next sketch doesn't make sense to me, but that's what I'm getting the idea you were talking about?

How does traffic get rerouted to ports 2 3 4 on my router if network card only has 1 physical port?

 

 

[Image: hand-sketch.jpg]


okay.. I was thinking that your ISP box *could* plug directly into port 1 and have NIC1 on port 2.

 

You then have your IP-facing IP address (11.22.33.44 or so) on eth0 and your private IP (192.168.1.2) on eth0:1.

 

Any machines plugged into port 3 & 4 on your switch will need to obtain a 192.168.1 IP and be told that 192.168.1.2 (your machine) is the proxy.

 

However, this is a somewhat dangerous setup because it will have *all* machines potentially internet-facing, and one wrong IP change could expose something unprotected.

 

Is there a firewall on the ISP box ?


Quote:okay.. I was thinking that your ISP box *could* plug directly into port 1 and have NIC1 on port 2.

 

You then have your IP-facing IP address (11.22.33.44 or so) on eth0 and your private IP (192.168.1.2) on eth0:1.

 

Any machines plugged into port 3 & 4 on your switch will need to obtain a 192.168.1 IP and be told that 192.168.1.2 (your machine) is the proxy.

 

However, this is a somewhat dangerous setup because it will have *all* machines potentially internet-facing, and one wrong IP change could expose something unprotected.

 

Is there a firewall on the ISP box ?
 

I think so. I'd have to check that. I'll look it up. But when I setup port fowarding on the box it doesn't even work. Called the ISP and they don't support port fowarding. They just provide internet. Anything other then that they don't suppport.

It's a worthless piece of shit.


I checked online and it said that it has a firewall but that you can't turned it off. You can foward ports, but I tried it but no matter how you do it the fowards don't work.

But will be able to check it for sure once I get home this evening.


Quote:okay.. I was thinking that your ISP box *could* plug directly into port 1 and have NIC1 on port 2.

 

You then have your IP-facing IP address (11.22.33.44 or so) on eth0 and your private IP (192.168.1.2) on eth0:1.

 

Any machines plugged into port 3 & 4 on your switch will need to obtain a 192.168.1 IP and be told that 192.168.1.2 (your machine) is the proxy.

 

However, this is a somewhat dangerous setup because it will have *all* machines potentially internet-facing, and one wrong IP change could expose something unprotected.

 

Is there a firewall on the ISP box ?
 

I could try it but then I don't understand how I would have internet?

 

[Image: hand-sketch3.jpg]

 

Do you mean that because my isp box is connected to port 1 and my NIC to port 2. In order to get internet

port 3 and 4 would have to go through port 2 first which is (x.x.x.x and 192.168.1.2) Also being my proxy?

nic:ip1 talking to port 1(connected to internet) and nicip2 talking to port 3 and 4 on my router?

 

But wouldn't this be much easier by just adding a second network card in my pc?

 

[Image: hand-sketch4.jpg]


I'm starting to get more and more lost with this whole networking thing. I've been trying to think it out using the sketches I made.

and rereading the posts you made but I still don't quite understand.

 

Had a talk with a colleage and he explained some things. Gonna think it through this evening and post.


I thought it through what you said and as far as far as my understanding goes it wouldn't work. I'll have to write it out cuz I don't have a scanner here.

 

ISP box--connects to port 1 on router, port 2 router connects to nic:ip1, connects to nic:ip2. The problem with this is my router is running dhcp, and it gives the ip's the the four ports through the internet port. So in this case only port1 on the router would get an ip. If I then connected port 2 to my nic. I wouldn't get an ip and have no internet connection and my internet traffic wouldn't get filtered/proxy.

 

I thought well then I could do it like this:

 

ISP box--connects to internet port router, then router gives 1-4 ports an ip, and I can connect port 1 to my nic. problem with this is. the router is giving ip's to all four ports. So traffic isn't getting filter and not going through a proxy.

 

The only logical solution I found is the following with 2 NIC's:

 

ISP box--connects to NIC1(192.168.2.254), is bridged/connects to NIC2(10.0.0.1). in between here traffic gets proxy/filtered. I also run dhcp service on machine and connect NIC2 to port 1 on router. port 1 gets an ip(10.0.0.100) from my dhcp service. Also ports 2 3 4. And I shut off my dhcp on my router so it now acts like a switch. Now my traffic is proxy/filtered. Only I see 2 things that concern me. 1 is that I'm not sure wlan would be filtered? and two is my pc would be directly connected to the isp box. How safe it this. I went into the interface of my isp box. I couldn't find anything of a firewall, but I read on the net it's built in and you can't turn it off. So I would think it wouldn't be too much of a problem. Port fowarding doesn't seem to work on it. I could try it again though. And lastly, I don't see how it could be possible with only one NIC even if it has two ips. ? That's how a colleage of mine explained it to me. I have thought it through like 100 times, and this is the conclusion I came to. I don't think running a dhcp service would be too hard I suppose. So then if my pc would be directly connected to my isp box, and run dhcp it would be just as is functioning as a router.

 

What do you think of my brainstorming and conclusions on this?

 

 

And about me not liking my own pc connect directly to the internet I was thinking the following. I'm hobbying/learning alot with this so I might as well invest some in it because it's worth it. So I was thinking of maybe

buying a server at the end of the year(adding a network card) and then using as a proxy/filter/gateway for my private network. That way I keep my desktop as a desktop and have my server to control my network and I'll learn from it and enjoy it :)And I'll have a nice starters home network setup and can experiment more. How does that sound?


Quote:And about me not liking my own pc connect directly to the internet I was thinking the following. I'm hobbying/learning alot with this so I might as well invest some in it because it's worth it. So I was thinking of maybebuying a server at the end of the year(adding a network card) and then using as a proxy/filter/gateway for my private network. That way I keep my desktop as a desktop and have my server to control my network and I'll learn from it and enjoy it :) And I'll have a nice starters home network setup and can experiment more. How does that sound?
 

That sounds like an interesting idea. My server on my local network serves both my public website to anyone who visits it, but it also acts as DHCP server, DNS server and provides a few other services for the local network only. It sounds like a great way to learn. :)

Pages: 1 2 3 4