SOHO Network File Sharing

See also on this site: EZ Firewalling & Routing

Introduction

One of the big advantages of Linux is its built-in ability to share and control network resources. We wanted to be able to log in with three computers to either of two dialup ISP accounts. We accomplished this by enabling two powerful Linux features: IP forwarding, and IP masquerading. We also wanted to be able to print, on occasion, from our laptop to a printer on one of the other workstations. The instructions given here are for users running X Windows sessions, as we figured most newbies do. More experienced users can manually manipulate the files associated with the graphical tools we describe.

The Network

Hardware

The first step for us in setting up the home network was to connect the PC, Mac, and Micron laptop using an inexpensive ethernet hub and cables. The choice of what topology (network layout) to use is somewhat determined by the class of ethernet you need, which is determined by the speed, distance and noise immunity you need (see the Ethernet Quick Tutorial). For our purposes, 10baseT and CAT5 twisted pair cables were adequate for the under-100 meter distances involved.

RedHat 6 on the laptop automatically recognized and started up support for my PCMCIA ethernet/modem card when it was inserted hot into the slot. The Mac G3 came with a built-in adapter and LinuxPPC was configured to use it, but we had to add one to the Dell PC, only because it was not specified at time of purchase. We just bought an NE2000-compatible card (not the best, but very adequate, easy to install, and inexpensive!). We used RedHat's GUI-controlled utility "linuxconf" to configure the PC to use the new card, by filling in the blanks (refer to the Ethernet HOWTO for details):

Figure 1, "linuxconf" GUI utility for configuring interfaces

Linuxconf panel

Configure the eth0 Adapter Driver

Click on "Basic Host Information", enter the host name you wish for this computer, and then click the "Adapter 1" tab. For "Primary Name + domain" we used the host name + ".net". Assign an IP to the computer, such as "192.168.0.1" and a netmask of the form "255.255.255.0". Set the device to "eth0". Choose a driver corresponding to the type of chip used on your adapter card. Check your entries, then click "Accept".

Components: Our home network is shown in Figure 2. We used the following 10baseT and CAT5 components from PC Zone:

A00505311 BOCAHUB 8 PORT 10T HUB(8RJ45) $19.99
A00081945 20' CAT 5 UTP CABLE BLUE $13.98 (2 each)
A00082220 10' CAT 5 UTP CABLE BLACK $9.99

Figure 2, The home network

Home network

Software

Clients: In each computer you must create an eth0 interface device using

# netcfg &

If you have previously set up PPP on your host (server) PC, you know how to use netcfg; if not, you should set up PPP first using the information in the PPP HOWTOs on the web or elsewhere on this site. In the process you will become familiar with creating netcfg interfaces. Without a local DNS running on your network, each client must have your ISP's DNS addresses entered under the "Names" tab of netcfg (see below).

Give each PC a unique IP address. We used class C format 192.168.0.x where the "x" is a different digit for each computer. The subnet mask for a Class C network is 255.255.255.0.

If you wish to refer to other stations by name rather than IP addresses, update the /etc/hosts file with one line to specify each PC's name. You can do this in RedHat-based systems using netcfg's HOSTS tab. Click "Add", then enter the IP address and name of the other nodes (PCs) on the network. Those are the names entered under the netcfg "Names" tab as "Hostname" on each PC. Under the "Names" tab, also enter your ISP's DNS addresses if you have not already done so for PPP.

When you are all connected, use the command

# ping 192.168.0.x

(where x is the unique address of each node) at each station to test connections to all other stations. If you have given hostnames to all nodes, you may use

# ping hostname

Figure 3, "netcfg" routing setup

netcfg panel

Server: On the server PC, do the same, setting the "Default Gateway Device" to "ppp0" and leaving the "Default Gateway" blank.

IP Masquerading

2.2.x Kernels configured with IPCHAINS: When your server PC forwards a workstation PC's packet to the ISP, the packet will specify the workstation's IP as the source. This will generate an alert because certain addresses, including the 192.168.0.x range used here, are for internal use only. Look it up in any good IP book. So we have to tell the server PC to "masquerade" as the workstation, for all workstation packets exchanged with the ISP, using the server's dynamic IP that was assigned to it by the ISP host at login. This is done on the server PC with the command

# /sbin/ipfwadm -F -a accept -m

or possibly,

# /sbin/ipfwadm-wrapper -F -a accept -m

Typing the above command will enable masquerading for this session only. On shutdown, masquerading is reset. To ensure that masquerading is always enabled on our server, we put the command into a script that is executed at boot upon entering runlevel 5. A sneaky, nasty way to do this is to "piggyback" the command inside an existing /etc/rc.d/init.d script that is associated with establishing internet services. I used /etc/rc.d/init.d/xinetd and made the following modification:

     .
     .
start(){
    echo -n $"Starting $prog: "
    # Need to get rid of localization for external services - 
    # it does not make much sense to have i18n on the server side here

    LANG=en_US
    LC_TIME=en_US
    LC_ALL=en_US
    LC_MESSAGES=en_US
    LC_NUMERIC=en_US
    LC_MONETARY=en_US
    LC_COLLATE=en_US
    export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
    unset HOME MAIL USER USERNAME

    daemon xinetd -stayalive -reuse -pidfile /var/run/xinetd.pid
    RETVAL=$?
    echo
    touch /var/lock/subsys/xinetd
#
####enable IP forwarding 11/14/01 Rik Nilsson
    /sbin/ipfwadm -F -a accept -m        # enable IP forwarding
#
    return $RETVAL
}
    .
    .

2.4.x Kernels configured with IPTABLES: (not yet available)

If you have a firewall already installed and configured using IPTABLES, just add this to the part of the firewall script that sets up your forwarding table, or controls ICMP access.

$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

If you have not started up a firewall, I suggest you look at my "E-Z Firewalling" page.
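
For 2.4.x kernels, the masquerading that the ipfwadm command above enables can be written with iptables so that only LAN addresses leaving through the dial-up interface are translated, where the bare "-F -a accept -m" rule names no source or destination at all. This is an added example, not part of the original page; the function name masq_rules is hypothetical, and ppp0, eth0 and 192.168.0.0/24 are assumed from the network described here.

```shell
#!/bin/sh
# Added example, not from the original page. Assumed names: masq_rules,
# WAN interface ppp0, LAN interface eth0, LAN network 192.168.0.0/24.
# Prints the iptables commands for review; pipe the output to "sh" as root
# to apply them.

masq_rules() {
    wan=$1 lan_if=$2 lan_net=$3

    # Accept only plain interface names, so nothing unexpected can end up
    # in commands that will later run as root.
    for ifc in "$wan" "$lan_if"; do
        case $ifc in
            ''|*[!A-Za-z0-9._-]*)
                echo "bad interface name: $ifc" >&2; return 1 ;;
        esac
    done

    # Accept only an IPv4 network in CIDR form, e.g. 192.168.0.0/24.
    printf '%s\n' "$lan_net" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' ||
        { echo "bad LAN network: $lan_net" >&2; return 1; }

    # Policy and rules come first; forwarding is switched on last.
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -i $wan -o $lan_if -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan_if -o $wan -s $lan_net -j ACCEPT
iptables -t nat -A POSTROUTING -o $wan -s $lan_net -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

# Values for the network described on this page.
masq_rules ppp0 eth0 192.168.0.0/24
```

With the FORWARD policy set to DROP, only packets from the LAN network going out through ppp0, and replies to them, are forwarded.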

Remote Printing

The PC that is to be the print server must have a configured printer named lp defined in a /etc/printcap file. Also on the server, create /etc/hosts and /etc/hosts.lpd files, simple text files containing the IPs of all PCs wishing to be served, which look like this:

192.168.0.2
192.168.0.3   

If the user client machines were defined with host names using netcfg, you can put their host names in here instead. On the laptop (printer user/client) we created an /etc/printcap file for remote printing using the graphical tool. As root, type:

# printtool

You need to know the name of the default print queue on the server PC, as defined in its /etc/printcap file. It will usually be "lp" or "lp0". The spool directory should match. When the printer list window appears, click "Add". The "Add Printer Entry" window appears. Click the "Remote Unix (lpd) queue" radio-button, and click "OK". When the "Edit Remote Unix (lpd) Entry" dialog appears, fill in the blanks to create the print queue for the remote printer. Click on "filter". You will get yet another dialog box enabling you to choose a print filter script for your printer. Assuming you have already selected one on the server PC, use the same one.

This file looks like this:

# /etc/printcap - on the PC needing remote printing capability
#
# Please do not edit this file directly unless you know what you are doing!
# Be warned that the control-panel printtool requires a very strict format!
# Look at the printcap(5) man page for more info.
#
# This file can be edited with the printtool in the control-panel.

##PRINTTOOL3## REMOTE uniprint NAxNA letter {} U_CanonBJC610 bjc610a0 {}
lp0:\
        :sd=/var/spool/lpd/lp0:\
        :mx#0:\
        :sh:\
        :rm=192.168.0.1:\
        :rp=lp:\
        :if=/var/spool/lpd/lp1/filter:

The rm (remote machine) specifies the server's IP address, and the rp (remote printer) specifies the server's printer queue.

Enable DHCP under RH8.0

I decided to enable DHCP for visiting friends. I figured out that I can still reserve and use static IPs for some of my home-LAN workstations.

First, verify that the dhcp package is installed, using the RedHat Package Manager. I got to it from the Gnome "Hat-Menu>System Settings>Packages". DHCPD was checked under the network category.

Second, create a /etc/dhcpd.conf file to configure your network settings under DHCP. Here is mine:

# /etc/dhcpd.conf file - setup dhcp server defaults

ddns-update-style interim;
ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0 {
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.0.255;
        range 192.168.0.10 192.168.0.30;
        option routers 192.168.0.1;
        # both DNS servers in one comma-separated statement
        option domain-name-servers 65.167.66.3, 65.170.84.11;
        max-lease-time 1800;
        default-lease-time 1800;
}

Substitute your ISP's DNS addresses where indicated. If you have a cable or satellite connection for Web access, that typically uses the "eth0" interface, you will have to add another subnet declaration to enable it. Just add something like this to the end of the dhcpd.conf file:

# the subnet number must be the network address (host bits zero)
subnet 65.112.32.0 netmask 255.255.255.0 {

}

Substitute the network address that contains your static IP for the one shown.

Last, enable DHCP at startup by invoking the services manager "ntsysv" or using the Gnome "Hat-Menu>Server Settings>Services" and checking dhcp to start at boot.

Problems?

"Host unknown" errors when attempting an HTTP session on a client:
You forgot to enter DNS addresses on the client "Names" tab of netcfg.

Cannot print to the remote printer, or you "broke" the server's ability to print to its own local printer:
Check your error logs, /var/log/lpd-errs and /var/log/messages, for hints as to where the trouble might be. There should be only one lpd process running at a time. Run "ps -ef | grep lpd" and, if there are multiple lpd instances running as a result of all your testing, kill them all using

kill -9 [pid] [pid] [pid]

and then restart lpd by typing

/etc/rc.d/init.d/lpd start

on the command line.

(See also, "LPR Printing").
