Thursday, November 22, 2007

Setup Internet Gateway with Linux

MINIMUM SYSTEM REQUIREMENTS (recommended):

  1. CPU: Pentium minimum
  2. HD: 1 GB or more
  3. RAM: 8 MB or more
  4. LAN card: NE2000 compatible, Realtek chip, PCI type (recommended)
  5. Linux installed and working on the computer; Linux Mandrake v7.x recommended

ASSUMPTIONS:

  1. You connect to the Internet with a modem and a telephone line
  2. You can edit files in Linux (pico is the easy way)
  3. The internal network uses private class C IP addresses (192.168.0.xxx), subnet mask 255.255.255.0
  4. You use an external modem, or an internal modem that is not a winmodem/softmodem
  5. The server runs Linux Mandrake v7.x
  6. The workstations run Windows 9x

HOW TO SET UP:

  1. Log in to Linux as root. At the prompt, type:
  2. cd /etc
  3. pico rc.local
  4. Add these lines at the top of the file /etc/rc.local:
  5. /etc/ppp/chain start
  6. echo 1 > /proc/sys/net/ipv4/ip_dynaddr
  7. pppd call ntlworld
  8. The file /etc/rc.local works like AUTOEXEC.BAT in DOS/Windows: everything in it is run automatically when the computer starts.
       /etc/ppp/chain start - runs the file "/etc/ppp/chain" (the script that activates IP masquerading) with the "start" parameter
       echo 1 > /proc/sys/net/ipv4/ip_dynaddr - tells Linux that we use a dynamic IP address
       pppd call ntlworld - runs pppd (the equivalent of Dial-Up Networking in Windows) and reads its parameters from the file "ntlworld" (in /etc/ppp/peers)
  9. Next we create the file /etc/ppp/chain. Change to the directory /etc/ppp (cd /etc/ppp) and type pico chain. Then enter the lines below:

       #!/bin/sh
       # Script name only, for the usage message below
       NAME=`basename "$0"`

       case "$1" in
         start)
           echo -n "Starting IP chains (masq) support... "
           /sbin/ipchains -P forward DENY
           # Block Windows "whohas" traffic to prevent spurious dialling...
           # (these rules come before the MASQ rule: ipchains acts on the first rule that matches)
           /sbin/ipchains -A forward -j DENY -p tcp -s 0.0.0.0/0 137:139
           /sbin/ipchains -A forward -j DENY -p udp -s 0.0.0.0/0 137:139
           # Masquerade everything else coming from the internal network
           /sbin/ipchains -A forward -j MASQ -s 192.168.0.0/24 -d 0.0.0.0/0
           # Masquerading helper modules
           /sbin/insmod ip_masq_cuseeme
           /sbin/insmod ip_masq_ftp
           /sbin/insmod ip_masq_irc
           /sbin/insmod ip_masq_quake
           /sbin/insmod ip_masq_raudio
           /sbin/insmod ip_masq_vdolive
           echo 1 > /proc/sys/net/ipv4/ip_dynaddr
           echo "Done."
           ;;
         stop)
           echo -n "Stopping IP chains (masq) support... "
           /sbin/rmmod ip_masq_cuseeme
           /sbin/rmmod ip_masq_ftp
           /sbin/rmmod ip_masq_irc
           /sbin/rmmod ip_masq_quake
           /sbin/rmmod ip_masq_raudio
           /sbin/rmmod ip_masq_vdolive
           /sbin/ipchains -D forward -j MASQ -s 192.168.0.0/24
           echo 0 > /proc/sys/net/ipv4/ip_dynaddr
           echo "Done."
           ;;
         *)
           echo "Usage: /etc/ppp/$NAME {start|stop}"
           exit 1
           ;;
       esac
       exit 0
  10. After creating this file, we create the file that holds the parameters for pppd, i.e. /etc/ppp/peers/ntlworld. Create the directory first (mkdir /etc/ppp/peers/), move into it (cd /etc/ppp/peers/), then type pico ntlworld (or replace ntlworld with your ISP's name). Enter these lines:

       demand
       idle 600
       ipcp-accept-remote
       ipcp-accept-local
       lock
       noauth
       defaultroute
       user harry.sufehmi
       remotename ppp0
       /dev/ttyS1 57600
       crtscts
       0.0.0.0:0.0.0.0
       connect '/usr/sbin/chat -f /etc/sysconfig/network-scripts/chat-ppp0'

  11. Some parameters may need to be changed:
       demand - activates "demand dialing"/auto-dial: whenever Linux detects Internet access while not connected, it dials our ISP automatically.
       idle 600 - if the user does nothing for 600 s, the Internet connection is dropped; 600 s can be changed to 200 if you want.
       user harry.sufehmi - change to your user ID.
       /dev/ttyS1 57600 - /dev/ttyS1 if your modem is connected to the COM1 port; if not, for example on COM2, change it to /dev/ttyS2, etc.
  12. Every ISP's configuration can be different, though; if this example cannot connect to the Internet, please contact your ISP's technical support.
  13. Next we create the script file used by the chat program. Type cd /etc/sysconfig/network-scripts/, and then pico chat-ppp0. Enter these lines:

       'ABORT' 'BUSY'
       'ABORT' 'ERROR'
       'ABORT' 'NO CARRIER'
       'ABORT' 'NO DIALTONE'
       'ABORT' 'Invalid Login'
       'ABORT' 'Login incorrect'
       '' 'ATZM1L2&F&D2&C0'
       'OK' 'ATDT08005190100'
       'CONNECT' ''
       'TIMEOUT' '5'
       '~--' ''

  14. Some parameters may need to be changed:
       '' 'ATZM1L2&F&D2&C0' - if the modem does not accept this init string, check your modem's manual.
       'OK' 'ATDT08005190100' - replace 08005190100 with your ISP's phone number.
  15. Next we need to set up the resolv.conf file. Type cd /etc/ppp, and then pico resolv.conf. Enter these lines:

       domain ntlworld.com
       nameserver 194.168.4.100
       nameserver 194.168.8.100

      Replace ntlworld.com in "domain ntlworld.com" with your ISP's domain name (e.g. indosat.net.id), and replace the addresses after the nameserver parameter with the addresses of your ISP's DNS servers.
  16. Finally, you need to set up the password for the ISP connection. Type cd /etc/ppp. You need to know whether your ISP uses the PAP or the CHAP security method: for PAP, type pico pap-secrets; for CHAP, type pico chap-secrets. The content looks like this:

       harry.sufehmi ppp0 xxxxxxxxxxxxxxx

      Replace harry.sufehmi with your user name, and xxxxxxxxxxxxxxx with your password.
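
ipchains walks the forward chain in order and stops at the first rule that matches, so where the NetBIOS DENY rules from step 9 sit relative to the MASQ rule decides whether they ever see LAN traffic. The sketch below is an added example, not part of the original post: it models that first-match walk with a simplified rule format and a packet from 192.168.0.5, both constructed for the illustration.

```sh
#!/bin/sh
# Added example: first-match walk over a simplified ipchains forward chain.
# Rule format (constructed for this sketch): TARGET PROTO SRC_CIDR SPORT_LO:SPORT_HI

# MASQ rule appended before the NetBIOS DENY rules
MASQ_FIRST='MASQ any 192.168.0.0/24 0:65535
DENY tcp 0.0.0.0/0 137:139
DENY udp 0.0.0.0/0 137:139'

# NetBIOS DENY rules appended before the MASQ rule
DENY_FIRST='DENY tcp 0.0.0.0/0 137:139
DENY udp 0.0.0.0/0 137:139
MASQ any 192.168.0.0/24 0:65535'

ip2int() {  # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_cidr() {  # in_cidr IP NET/BITS -> exit 0 when IP lies inside the network
    net=${2%/*}; bits=${2#*/}
    [ "$bits" -eq 0 ] && return 0
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# verdict RULES PROTO SRC_IP SPORT -> target of the first matching rule,
# or DENY (the policy set by "ipchains -P forward DENY") when none match
verdict() {
    rules=$1 proto=$2 src=$3 sport=$4
    while read -r target rproto rsrc rports; do
        [ -z "$target" ] && continue
        lo=${rports%:*}; hi=${rports#*:}
        if { [ "$rproto" = any ] || [ "$rproto" = "$proto" ]; } &&
           in_cidr "$src" "$rsrc" &&
           [ "$sport" -ge "$lo" ] && [ "$sport" -le "$hi" ]; then
            echo "$target"; return 0
        fi
    done <<EOF
$rules
EOF
    echo DENY
}

# Constructed packet: Windows name query from a LAN host, UDP source port 137
echo "MASQ first: $(verdict "$MASQ_FIRST" udp 192.168.0.5 137)"
echo "DENY first: $(verdict "$DENY_FIRST" udp 192.168.0.5 137)"
```

With the MASQ rule first the name query is masqueraded and can bring the line up; with the DENY rules first it is dropped while ordinary LAN traffic is still masqueraded.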
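
Step 16 stores the ISP password in clear text, so pap-secrets or chap-secrets should be accessible to root only. The check below is an added example, not part of the original post: it flags group/other permission bits and entries that lack the secret field, and it assumes GNU stat (stat -c).

```sh
#!/bin/sh
# Added example: lint a pppd secrets file (pap-secrets or chap-secrets).
# Assumes GNU stat ("stat -c"), as shipped with Linux coreutils.

# audit_secrets FILE -> one finding per line on stdout;
# exit 0 when clean, 1 when something was found, 2 when FILE cannot be read
audit_secrets() {
    file=$1 findings=0 lineno=0
    mode=$(stat -c %a "$file" 2>/dev/null) || return 2
    # Any group/other permission bit lets non-root accounts reach the password
    case $mode in
        *00) ;;
        *) echo "mode $mode allows group/other access (expected 600)"
           findings=1 ;;
    esac
    # Entry layout as in step 16: client, server, secret
    while read -r client server secret rest || [ -n "$client" ]; do
        lineno=$((lineno + 1))
        case $client in ''|'#'*) continue ;; esac
        if [ -z "$secret" ]; then
            echo "line $lineno: missing secret field"
            findings=1
        fi
    done < "$file"
    return $findings
}

# Usage, as root on the gateway:
#   audit_secrets /etc/ppp/pap-secrets || chmod 600 /etc/ppp/pap-secrets
```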

After this you only need to configure the other computers on the network; we assume they run Windows 9x:

  • Click Start - Settings - Control Panel
  • Double-click the Network icon
  • Double-click the TCP/IP protocol
  • Click the DNS Configuration tab
  • Check Enable DNS
  • Enter your ISP's DNS server address in the DNS Server Search Order text box, and click ADD. Click OK, and click OK once more. The computer will restart.

Finish! Please restart your computer (shutdown -r now), and enjoy your new Internet server gateway.
