Networking : how to bridge two NICs to share internet access ?

Luis Murillo lmurillo at gmx.net
Thu Aug 25 05:19:22 UTC 2005


ok, lets see, I've read the whole thread and think that it became a bit
confusing for the new user. Now there are a couple of ways to do this,
although you mentioned that you didn't want something that did it all
for you I will mention it anyways ;)

1. The easy way: use firestarter, it's in the Ubuntu repository (i.e.
Synaptic) and it can enable the sharing between the internal machines
(i.e. the home network) and the Internet. Uses a GUI.

2. A less easier way: use bastille, this is also on the Ubuntu
repository, now this program not only enables the sharing of the
Internet connection through the Linux box, but it will implement a
couple of security measures. It asks you a couple of questions, so you
might have to read a bit. Although it can use a GUI (Graphical User
Interface) it's not required.

3. A bit harder method: use a script like Arno's Firewall, you download
a file which contains a set of instructions. You have to edit this file
in order to get it to work the way you need it. The script is very well
documented and is rather easy to configure, depending on the
configuration you want it might give you a challenge. You can use any
text editor you like, like gedit or vim.
There is also a program called Firewall-Builder, it enables you to
create your own firewall, it has a GUI. I don't find this tool to be
very easy to use, but it's very powerful and once you understand how it
works then you will find it very easy to use, though I might not use it
for the kind of configuration you're trying to make.

4. The hard way: configure iptables by the commands and you can create a
script so you don't have to do this every time the computer restarts.
Configuring iptables is not very easy, since it's done on the command
line and using commands to configure the rules. Uses the CLI (Command
Line Interface)

Now, I have this setup at my home, I currently have only one computer
that connects through my Linux box, but I once had two machines and
sometimes friends come over to my house and connect to the Internet
through my Linux box as well. I have configured this many times and have
used all of the steps mentioned above, I really like using Arno's
Firewall script. But you can choose which ever way it's most suited to
your needs.

If it's just two computers (the Linux box and another one) then you can
connect them using a cross-over cable and you won't need a
hub/switch/router. If it's more than two machines then I would recommend
that you get a switch, and if you need wireless then buy a separate
Access Point, I know that some people might say that there are routers
that have wireless already integrated, but I prefer to keep them
separated.
The router allows two different networks to connect with each other,
such as the Internet or WAN (Wide Area Network) and a LAN (Local Area
Network). Where the switch allows only machines to communicate with each
other as long as they are on the same network. Hubs are rarely used
nowadays, switches are better and more intelligent than Hubs.

I hope this helps. It's a lot better to have this setup, specially if
there are Windows machines on the network, they are better protected
this way.

On Wed, 2005-08-24 at 20:41 +0200, Vincent Trouilliez wrote:
> Hello, network gurus, newb need help :-)
> 
> I have two Ethernet controllers in my machine. One is connected (DHCP)
> directly to the cable modem, to access internet.
> 
> The other NIC is there to play/experiment with local networking.
> In System->Administration->Networking, I set it to 'fixed IP' an gave it
> the address 10.0.0.0 and accepted the default subnet mask (255.0.0.0),
> since I don't know any better...
> 
> The fist thing I would like to try/fiddle with is :
> 
> Connect a second machine to this NIC, and access internet.
> How do I do to access internet (eth0) from the local network (eth1), is
> that something called "bridging" or something ?! Is it difficult to set
> up ? Can be it be done using some GUI in Breezy, or do I need to tweak
> some config file somewhere (I don't mind of course) ?
> 
> Thanks much in advance ! :-)
> 
> 
> Regards,
> 
> 
> --
> Vince
> 
> 
-- 
Luis Murillo M.
lmurillo at gmx.net
Heredia, Costa Rica

GPG KeyID: D66B35FD
gpg --keyserver pgp.mit.edu --recv-keys D66B35FD
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050824/24cb464f/attachment.sig>


More information about the ubuntu-users mailing list