Mediaone cable modems

[stephane at u-picardie.fr (Stephane Alnet)]

>basically one box needs two NICs and runs the linux IP masquerade
>stuff.. (I'm running 2.1.x kernels, so i run IPchains).. that solves
>99% of the 'outgoing' issues.. including special modules for stuff
>like non-passive FTP and real audio and icmp..

>       * Ip-Chains are much easier than ifwadm stuff for doing network
>         address translation.. but they're (I think) a 2.1.x thing
>         only.. (thus the above comment)

There's a patch for 2.0.34 and up (see
http://www.rustcorp.com/linux/ipchains/).
But at this time, 2.1.x is a good choice if one is planning to incorporate
this kind of stuff - you'll be ready for 2.2 ;)  and get lots of nice new
features.

>incoming to anything other than the gateway machine is more
>problematic.. though I think there are some port redirectors
>available.

I used the TIS firewalling toolkit (fwtk) when it was still free - it
contains a nice generic redirector piece (plug-gw ?) which you can just put
in your /etc/inetd.conf and voil)B?! But the toolkit is no longer free (nor
opensource), although some old version are still available on the 'net.
In any case you can get the toolkit by "registering" (see
ftp://ftp.tis.com/pub/firewalls/toolkit/ and get the README).

[You may want to read the "Firewalling and Proxy Server HOWTO" to install
the toolkit. Even if this document is more concerned with the outbound
traffic (proxys), it's worth reading.]

>for these kinds of things and some starting points at
>    http://www.ne.mediaone.net/customercare/helpdesk/fs_lans.html
>and http://rlz.ne.mediaone.net/linux/

Looks like they have a sensible approach, and the second site has all the
FAQs and Howtos one would need for Linux.

St)B?phane


***
Subcription/unsubscription/info requests: send e-mail with subject of
"subscribe", "unsubscribe", or "info" to discuss-request at blu.org