PDA

View Full Version : Build an ISDN Router using Knoppix 3.3


torbu
05-07-2004, 07:52 PM
Hi Experts,

I have setup my Notebook, a TECRA M1, to serve as an ISDN Router. Well, actually I'm still working on it, since I can't reach the internet from the client machines.

Here is what I have setup so far:

ISDN Router / Server:
* Toshiba TECRA M1, running Knoppix 3.3 from harddisk
* running Ndiswrapper 0.7 (http://ndiswrapper.sourceforge.net) to enable the Centrino PRO2100 wireless network card; setup as Ad-Hoc wireless network
* Installed the ISC Software (http://www.isc.org/sw/dhcp) to setup a DHCP server for the local network over the PRO2100 network card
* Fritz! PCMCIA card to connect to the Internet via ISDN

Client machine:
* Apple iMac running Mac OS X 10.3
* Apple airport wireless network card to connect to the Knoppix ISDN Router

And here is what's working so far:
* DHCP server on the Knoppix ISDN Router is working; ISDN Router is assigne the IP address 192.168.0.1 on the wireless network card
* connection to the internet is established via the ISDN card
* iMac connects to the Knoppix router and gets a local IP address assigned (192.168.0.x)
* I can ping the Knoppix ISDN Router (ping 192.168.0.1)
* I can ping the iMac from the ISDN Router
* I can access the Internet from the Knoppix ISDN Router

And here is what's not working so far:
* I can't access the internet from the client machine (the Apple iMac) :-(

I know that I'm probably missing only one route, but I don't know what route and how to set it up... :?:

Any ideas would be greatly appreciated.
Thx, TorBu


And BTW, here is some more information on my config:

-----------------
*** ifconfig ***
-----------------
ippp3 Protokoll:Punkt-zu-Punkt Verbindung
inet Adresse:213.61.192.81 P-z-P:212.121.151.20 Maske:255.255.255.0
UP PUNKTZUPUNKT RUNNING NOARP MTU:1500 Metric:1
RX packets:3183 errors:0 dropped:0 overruns:0 frame:0
TX packets:3653 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:30
RX bytes:1782578 (1.6 MiB) TX bytes:413946 (404.2 KiB)

lo Protokoll:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1221 errors:0 dropped:0 overruns:0 frame:0
TX packets:1221 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:212183 (207.2 KiB) TX bytes:212183 (207.2 KiB)

wlan0 Protokoll:Ethernet Hardware Adresse 00:04:23:91:64:65
inet Adresse:192.168.0.1 Bcast:192.168.0.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6131 errors:0 dropped:0 overruns:0 frame:0
TX packets:209 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:599408 (585.3 KiB) TX bytes:11846 (11.5 KiB)
Interrupt:11 Speicher:dfdbf000-dfdbffff

-----------------
*** route -v ***
-----------------
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
212.121.151.0 * 255.255.255.0 U 0 0 0 ippp3
192.168.0.0 * 255.255.255.0 U 0 0 0 wlan0
default as1.fra.de.colt 0.0.0.0 UG 0 0 0 ippp3

----------------------------------
*** /etc/network/interfaces ***
----------------------------------
auto lo wlan0
iface lo inet loopback

iface wlan0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
torbu
05-09-2004, 01:20 PM
It is working: I am able to share the internet connection I establish with my Linux box. And here is how I did it:

My Linux box is equipped and setup as follows:
ippp1 – ISDN interface to receive DHCP from my Service Provider
wlan0 – Wireless network card for my internal network, manually assigned IP 192.168.0.1 (see step 2)


Step 1
Install DHCP and edit dhcpd.conf as follows

#dhcpd.conf
#
ddns-update-style ad-hoc;
default-lease-time 1800;
max-lease-time 72000;

option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1; # IP of wlan0 / internal network
option domain-name-servers <IP DNS 1>, <IP DNS 2>; #Check with your ISP
option domain-name “<name of your Linux box” How you named your Linux box during setup

subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.02 192.168.0.10;
}

Step 2
Edit /etc/network/interfaces file as follows

#interfaces
#
auto wlan0
iface wlan0 inet static
address 192.168.0.1
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255

Step 3
Restart Your Network by issuing the following command from a shell:
/etc/init.d/networking restart

Step 4
- Set your client machines to receive DHCP from this server
- Ping your Linux box / Server from your client to ensure everything is okay

Step 5
Create Firewall Scrip rc.firewall in order to allow packet forwarding

1. touch /etc/init.d/rc.firewall #creates rc.firewall script
2. edit rc.firewall as follows:

#!/bin/bash
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -t mangle -F
/sbin/iptables -X
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -m state --state NEW -i ! ippp1 -j ACCEPT
# only if both of the above rules succeed, use
/sbin/iptables -P INPUT DROP
/sbin/iptables -A FORWARD -i ippp1 -o wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -i wlan0 -o ippp1 -j ACCEPT
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o ippp1 -j MASQUERADE
/sbin/iptables -A FORWARD -i ippp1 -o ippp1 -j REJECT

Step 6
Make rc.firewall script executable:
chmod +x /etc/init.d/rc.firewall

Step 7
Run rc.firewall script:
/etc/init.d/rc.firewall

Your server/router box should now be able to route internet traffic from and to your LAN throu your shared ISDN internet connection.

Action items:
- Create your own firewall script to suit your own needs, in case the one provided here is not sufficient
- Set rc.firewall to run at boot time so you do not have to start the script manually every time you (re-)boot (e.g. as described here (http://www.debianhelp.org/modules.php?op=modload&name=News&file=article&sid=2651))
- Automatically establish an internet connection if a client tries to access the internet
- Make ibod (bandwidth on demand) work with this solution

Credits
This solution has been developed by canjfn and I found it here (http://www.debianhelp.org/modules.php?op=modload&name=phpBB_14&file=index&action=viewtopic&topic=5165).

Enjoy.
Torbu

BTW: If anybody here knows how to automatically establish an internet connection from the Linux box, every time a client tries to access the internet, please feel free to post it here!