Now that the Internet has become a ubiquitous presence in our society, it seems only reasonable that every machine should have Internet access. And with a couple of Ethernet cards, some well-chosen software, and a little bit of brainpower, many people can manage to share a single Internet connection among more than one PC, whether that connection be a PPP dial-up connection, a DSL line, or a cable modem.

In this case, the well-chosen software is ipchains. As described by its author, Paul Russell, ipchains "is an update to [and hopefully an improvement upon] the 2.0 Linux packet-filtering code, for the 2.2 Linux kernel." In a nutshell, it's a pretty neat way to make a firewall out of a 2.2 kernel Linux box, as well as providing access for multiple PCs using a single Internet connection. In this article, we will be talking about how to setup IP masquerading, allowing transparent proxying to the Internet.

In order to get started with ipchains, you're going need a Linux box (in this case, we'll be using a freshly installed Slackware 4.0 distribution), preferably two NIC cards (one can be a PPP dialup interface), a copy ofipchains, and probably a copy of the source code for your kernel. Chances are most distributions of Linux should come preinstalled with ipchains; however, it can also be downloaded from here. A copy of the Linux kernel source may already be installed in /usr/src/linux. If you don't see a copy there, you can pick up a copy from here. At the time of this writing, the latest version of ipchains is 1.3.9 and the latest 2.2 kernel is 2.2.13. If you're trying to set up ipchains on Linux 2.0, you're going to need quite a bit more kernel configuration prior to setting up ipchains, a process that is outside the scope of this article. For the purpose of this article, we're going to assume you're doing everything as root, since most things here require it anyway.

Next: Kernel Changes »