Linux Networking: Using Ipchains - page 6
Multiple Machines, A Single ConnectionConfiguring Linux as a router with NAT support is not difficult but it can be confusing. What makes the job difficult is making sure the connection to the Internet is secure. The
ipchainsconfiguration is the first step. Additional steps are required if the router is running other services such as DNS, the Apache Web server, or an FTP server.
/etc/inet.conf file is typically used to designate how
IP-based services will be started if a request comes from another computer. The
telnet and FTP services can be handled using
article will not go into any detail on
inet.conf, but online help is
inet.conf, will work with any network adapter on the computer but it is possible to configure applications to work with specific adapters. For example, the Apache Web server keeps its configuration files in
access.conffiles control what computers and what adapters can be used with the web server. If a statement like
Listen 18.104.22.168:80is in the configuration files then the Web server will ignore other adapters, such as an Ethernet adapter connected to the Internet, and only use port 80 on the adapter associated with the IP address 22.214.171.124. The
linuxconfprogram can be used to set up this configuration instead of dealing with the configuration files directly.
Another possible option is to set up the DNS server so it can service the local network and transparently forward Internet requests to an ISP's DNS server. This makes configuration of local workstations easier but it requires an understanding of BIND.