[MLB-WIRELESS] IP Tables.

Phil NodeHPL zoiqq at yahoo.com.au
Tue Apr 5 21:34:18 EST 2005


Hi Guys,

Ok, well progress back here at NodeHPL, and my surrounding area, leads me to the next question about working with MelbWireless.

IP Tables.

Now I've had a /16 (I think) given to me, I know NodeIPK near me also has an IP allocation, but how do we set up our IPs locally, and then in turn, link to each other and the rest of the group, while maintaining our independent broadband services (like I have aDSL with Internode), and our own private network?

Currently my knowledge extends to and is also limited to:

All IPs in my personal network are 192.168.0.x with 192.168.0.1 as my aDSL Modem/Router (which does DHCP .30 to .250)

Now where I have set a static ip, I set the IP 192.168.0.x (where the x is between .2 and .29) subnet mask of 255.255.255.0 gateway of 192.168.0.1 and DNS Servers 192.231.203.3 / 192.231.203.132 (as per Internode).

Otherwise my whole Network is limited to this knowledge.

Separately (while I was connected) my link to IPK was using (initially) his DHCP (192.168.2.x) later, set up with a static IP, subnet mask 255.255.255.0 and gateway of 192.168.2.251 (from memory)

Now the Laptop I used to connect to that link, did not (at the time) have a link to my regular network or my aDSL.

Additionally I have a Linux box I set up (SME if you know the distro, which is an idiot's install, and about all I'm capable of), which currently resides at .10 of my private network, and has the appropriate ports forwarded from my aDSL c/o my Router.

How can I set up my network, to give unlimited access to anyone within my private network to:

each other,
my aDSL,
Melbourne Wireless.

Without allowing:

Melbourne Wireless to use my aDSL
Melbourne Wireless to see my private network (beyond my SME server)
my aDSL to see my private network (beyond my SME server)
my aDSL to see Melbourne Wireless

While setting up a DHCP for 'passers by' to link to Melbourne Wireless, which does not broadcast DHCP to anyone beyond that specific AP/Antenna.
While keeping a separate DHCP for my private network. (and for that network only).

Anything else you can think of... I think you all get my drift.

Basically if someone parks out the front of my house (so to speak) they can access Melbourne Wireless and my SME Server, (and any additional servers I might set up).
If someone links to my private network, they can access everything without limitation.
If someone is linked to the internet they can access my SME Server only.

Considering that I'm also running a VoIP SPA-3000 box (.11 on my network) connected directly to my aDSL Modem/Router.

As a side note I have a UPS powering my aDSL Modem/Router, SME Server and SPA-3000, as these are considered essential (to me anyhow).
I have a second UPS which currently runs everything else, less reliable UPS, but enough to counter the occasional power flickers that I get here sometimes.

So, although I know it's called IP Tables, I know nothing past that.

I guess I need to run a router style server on a machine or similar with firewalls and so forth, so I'm going to tell everyone what I have now in the way of equipment, to hopefully give you guys some ideas about what I can do, considering my limited ability with everything.

I have a Netgear DG814 aDSL Modem/Router (basic Firewall, NAT, DHCP 4 port switch idea)
I have a Linksys WRT54G 4 port Router/AP (not currently really used)
I have 2 Switches 8 port, (1 Netgear, 1 cheapo).
I have 3 Senao 100mw (b) APs (1 in use for link to IPK)
I have Sipura SPA-3000 (which needs to be linked directly to aDSL).
I have a spare p2-333 machine, with as many NICs and 1 PCMCIA cradle (and Veritech/Senao 200mw card)
I have my SME Server
I have my main machine
I have my laptop (test machine, portable etc)

I'm happy to buy more gear, but hopefully can make something out of what I have so far...

My guess is to install some variant of unix/linux/BSD onto the p2-333 machine to act as a universal router/firewall/gateway service, but which distro? And how to install it?
I probably also need to have a much better understanding of IPTables, because (as shown above) I got no idea.
All suggestions help accepted, will bribe for direct additional assistance if required.

I think someone mentioned something about some protocol used to route nodes within MelbWireless ?!? no idea

Please consider that beyond the knowledge explained above, I have no idea.
Probably others would be in the same position, so be nice too...

I'm hoping to be able to from my main machine, type in a URL, and bring up that home page, regardless of the fact this machine runs off a DHCP on my private network, and regardless of which URL and which network that URL belongs to.

Phil, NodeHPL.

PS Hope to be at this week's meeting, from about 9:40pm
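
One way to express the access policy in the post above as a default-deny ruleset for the spare machine acting as router (an added example, not part of the original post). The three-NIC layout, the interface names eth0/eth1/eth2, the NAT choices and the SME port list are assumptions; the 192.168.0.0/24 subnet and the .10 server address come from the post.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for a three-interface
# router. Running this script changes nothing; it only prints.
LAN_IF=eth0          # private LAN (assumed interface name)
WAN_IF=eth1          # toward the aDSL modem/router (assumed name)
MW_IF=eth2           # Melbourne Wireless link and public AP (assumed name)
LAN_NET=192.168.0.0/24   # private subnet from the post
SME=192.168.0.10     # SME server address from the post
SME_PORTS=25,80,443  # assumed; the post does not list the forwarded ports

emit_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Publish only the SME server's ports on the router's own outside addresses.
-A PREROUTING -i $WAN_IF -m addrtype --dst-type LOCAL -p tcp -m multiport --dports $SME_PORTS -j DNAT --to-destination $SME
-A PREROUTING -i $MW_IF -m addrtype --dst-type LOCAL -p tcp -m multiport --dports $SME_PORTS -j DNAT --to-destination $SME
# Hide private addresses when LAN hosts go out either way.
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
-A POSTROUTING -s $LAN_NET -o $MW_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Private LAN may reach the aDSL side and Melbourne Wireless.
-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT
-A FORWARD -i $LAN_IF -o $MW_IF -j ACCEPT
# Internet and wireless sides may reach the SME server only.
-A FORWARD -i $WAN_IF -o $LAN_IF -d $SME -p tcp -m multiport --dports $SME_PORTS -j ACCEPT
-A FORWARD -i $MW_IF -o $LAN_IF -d $SME -p tcp -m multiport --dports $SME_PORTS -j ACCEPT
# No rule joins $WAN_IF and $MW_IF, so the DROP policy keeps them apart.
COMMIT
EOF
}

# Sanity check: is there an ACCEPT rule forwarding from interface $1 to $2?
forward_allowed() {
    emit_rules | grep -q -- "^-A FORWARD -i $1 -o $2 .*-j ACCEPT"
}

emit_rules
```

Review the printed rules before loading them with `iptables-restore` as root. The separate DHCP scopes are a DHCP-server setting and are not covered by these rules.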





