Sunday, 10 May 2009

Internet Connection Sharing using "Firestarter " in LINUX

Firestarter is a GPL-licensed graphical firewall configuration program for iptables, the powerful firewall included
in Linux kernels 2.4 and 2.6. Firestarter supports network address translation for sharing an Internet connection
among multiple computers, and port forwarding for redirecting traffic to an internal workstation. Firestarter's
clean and easy to use graphical user interface takes the time out of setting up a custom firewall.

Firestarter has the ability to share the firew all host's Internet connection among all the computers on your
local netw ork. This is done through a technique called Netw ork Address Translation, or NAT. To the outside
w orld the cluster of machines w ill look like a single machine w ith a single IP address.

Step by Step How to Install "FIRESTARTER"

1. Synaptic Package Manager

Click on Firestarter --->MarkInstall--->APPLY

2. Running Firestarter as below

3. Choose Type Internet Connection base on your Network Method

Choose TOP one if your method such as ADHOC
Choose DHCP as below Method Setting

The physical setup and network device settings
The procedure for setting up a netw ork using
connection sharing is essentially the same
w hether you have only tw o computers or a more
complex netw ork w ith hubs or sw itches
connecting multiple computers. For this example
w e w ill be assuming that the Internet connected
device on the firew all is an Ethernet card, but a
modem or ISDN w ill w ork too.
The Firew all/gatew ay machine connected to the
Internet w ill need tw o netw ork cards and the
clients need one each.
The first netw ork card in the firew all, the external interface, w ill be the one physically connected to the
Internet. This card is usually automatically configured w ith DHCP. The second netw ork card in the firew all,
the internal interface, w ill be connected to the client machines via either a crossover cable if the connection
goes directly to another computer, or regular cable if you have a hub or sw itch.
The internal interface of the firew all needs to be
statically configured. There are many w ays to
configure a netw ork interface depending on the
distribution you use. Fedora and Red Hat Linux ship
w ith a simple command line tool called netconfig and a
more sophisticated graphical tool called system-config-network. system-config-network w orks better w ith
multiple netw ork cards in the same machine, so w e recommend you try it. Other distributions include their
ow n configuration tools, for example in SuSE you w ould use the Yast program.
No matter how you decide to configure the netw ork cards, these are settings you should enter:

For the external device (usually eth0):

Enable dynamic IP configuration (DHCP)
That's it. You're done, don't touch this card further.
The internal device (usually eth1):
Disable dynamic IP configuration
IP address:
Default gatew ay (IP):
Any changes you make w ill take effect after a reboot, or more elegantly after a restart of the netw ork
services (run "/etc/init.d/network restart" as root in most distributions).

Configuring the clients

There are tw o w ays to configure the clients. The more elegant and in the long run easier w ay is to run a
DHCP service on the firew all. A DHCP server distributes the netw ork settings such the IP address, the
default gatew ay, nameservers, etc. at run time to the each client. The alternative to using a DHCP server is
to configure every client manually.
Using the DHCP service is as easy as simply enabling it in Firestarter. For more information about the service
and how to configure it, refer to the section on configuring the DHCP server.
When using DHCP, the clients need only be configured to use dynamic IP configuration. No other settings
need to be changed.
Configuring the clients manually
If you do not w ish to use the DHCP service, configure the netw ork devices of the clients to use the follow ing
Disable dynamic IP configuration
IP address: to, w ith each client using an unique IP
Default gatew ay (IP):
Primary nameserver: Set this to the same nameserver as used on the firew all. You can see the correct
setting in the /etc/resolv.conf file on the firew all.
Restart the network service and you're done.


Eran Smith said...
This comment has been removed by the author.
Eran Smith said...
This comment has been removed by the author.