Setting up a mandrake Linux PC to
share its Dial-up Internet connection.
Assumes you have tried to use the Mandrake wizard - it
Mandrake internet connection sharing (ICS) wizard goes a little over
the top for a small network - it installs a DNS nameserver (BIND), a
proxy server (squid) and a DHCP server (dhcpd). Furthermore, it sets up
the firewall to redirect all http requests (your browser asking for a
web page) to the squid proxy server.
None of these servers are really necessary, and add complexity and
multiple potential failure points to your network. (Although the set up
is a valid one and simplifies sharing when it works!)
We will however leave them running for now, just in case. When you have
it all working, they can be turned off one by one (to make it easier to
locate any problems) if you wish by typing drakxservices as root.
Firewalling is not discussed here - see the shorewall
Let's try to do it manually!
For the following environments:
Where 'This_PC' is the one we are working on - it has a network card
and a working modem.
It will forward all
outbound Internet traffic to the Internet, receive any replies, and
forward them to the correct PC on your LAN.
To set up a linux 'client' see simple
To set up ICS with a cable or ADSL modem see ICS.html
First check your cabling
you have a dual boot machine, is Windows internet connection sharing
working ? Do the cables work on a known good network? Are you using the
correct cable? To connect 2 PCs directly without a hub or switch, you
need a crossover cable.
For our purposes:
Network interface cards (NIC
are called eth0, eth1 etc in Linux
short for internet
connection sharing - sharing a single internet connection with only 1
public IP address between multiple computers.
is a number
uniquely identify a network interface.
IP address of the device connected to the internet. Wit dial-up, this
gets set up automatically once you are connected to your ISP.
address is the
address of your internet service providers (ISP) nameserver - used to
look up the corresponding IP address of a human readable address like
is a unique name
your computer - anything you like, for example linux.mylan.home or
zeus.greekgods or kevin but not www.google.com, www.microsoft.com, or
anything .com, .net, .org etc...
Note about IP addresses:
Each interface on your network must have a different IP address from
the same scheme. The
usual numbering schemes for private networks are 192.168.x.x or
You will need
your ISPs nameserver IP address (get it from your ISPs web site or a
working installation that is dialled up)
You will need to be root (administrator) to edit the files here.
To sign on as root, type su in a terminal (console), press enter
followed by your root password
- This is the main
config file for eth0.
It should read : (you can leave out anything on a line after #)
IPADDR=192.168.0.1 # or whatever your IP address is to be - see above
NETMASK=255.255.255.0 # or 255.0.0.0 if your IP address is 10.x.x.x
NETWORK=192.168.0.0 # or 10.0.0.0 if your IP address is 10.x.x.x
BROADCAST=192.168.0.255 # or 10.255.255.255 if your IP address is 10.x.x.x
the nameserver address(es) - put the address of your ISPs nameserver
right at the top. eg:
You can have multiple nameserver xxx.xxx.xxx.xxx lines - the resolver
will try them all in turn if one fails
This file will probably be overwritten once you have dialled up, but it
does no harm to put the correct address in there anyway, just in case...
The default gateway and your hostname go in /etc/sysconfig/network
We then need to set up packet
GATEWAY= # leave blank or delete - will get set up automatically when you are connected to your ISP
Put the following command at the beginning of /etc/sysctl.conf
Then 'turn off' the redirection
squid and set up network address translation:
Install iptables - type "urpmi iptables" as root, or use the package
manager in the start menu or mcc
Add the following code to the bottom of
iptables -t nat -D PREROUTING -i eth0 -j loc_dnat
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
This will delete a rule from your firewall and set up NAT
(masquerading) - later, when you understand more, you can change
shorewall and remove the first line, but for now we'll
keep it simple.
Reboot the computers
Then try it all out:
Try pinging your computer from its self (type "ping 192.168.0.1
" or whatever your
IP address is) If you get errors,
then your NIC/networking is not working - ask for help (see below).
If OK - Try pinging each PC from the other
If OK - Try browsing from each machine
If you can browse from the PC with the modem, but not another Linux box
connected to it, see Simple
net set up
If you are still having problems
post the following information in the Mandrakeusers.org networking forum:
Overview of your problem - not just "I can't connect to the internet" -
what have you done/tried so far, what works, what doesn't?
Physical network set up - what plugs in to what
Output of "ifconfig" , "route -n" , "iptables -nvL" and "iptables -nvL
Summary of the results of all pings above.
Please pass on
for improvements, mistakes or omissions to me -
consider this work in progress.
If you live on the Isle of Wight (UK) and you are still stuck, give me a call!