Linux newbie question

[cleaner416]

I am brand new to Linux and have a feasability question for the group:

At work I was given the gift of a network drop and a static IP on the firms T1 line. At home I have a cable connection/dynamic IP. So...I was thinking of taking an old IBM Thinkpad laptop, putting Linux on it, dropping it at work, pointing my domain names to it, and using it to route mail, web and other IP traffic to a server at home, whose IP address changes a lot. I was thinking that the home server could periodically FTP its dynamic address to the Linux machine.

So...here are the questions:

1.) What flavor of Linux should I install on the Thinkpad?
2.) Will it be possible on the Linux box to route TCP/IP traffic on certain ports...25,110,80,21?
3.) Could this routing be easily accomplished on the Linux box by looking at an IP address in a file?

Your thoughts and comments would be greatly appreciated!

TIA

 

[boebox]

I do not think this is possible, your laptop needs to be dual homed. One NIC for the internal network at work and another for you home connection.

For it to act as a router, you need 2 NIC's.

-Tony

 

[cleaner416]

Thanks for the response...I don't think is necessary for the laptop to be dual homed...I'm envisioning an app that listens on port 80 (or some other port) and relays whatever traffic comes in on that port to another IP/port combo. There is a winodws app that does this:

http://www.xtware/tcprelay

But I would hate to install Win2k just for this app (it is only 42k)...all that bloat...that is why I was thinking Linux.

 

[mithrilhall]

I'm not sure if this is what you were looking for:

thread65-227732

 

[cleaner416]

Thanks for the link...that would definitely work (port forwarding through apache) but only for HTTP...I'm trying to forward HTTP, POP3, SMTP, etc...

 

[cyoung]

This can be done using IPChains, but you are over complicating things.

Since you have a static IP at your work location, and that will be the address that all the requests come to, why not have your HTTP, FTP, and SMTP servers located there?

You would not need to redirect the services to your home machine, and the problem of a changing IP would not be a factor.

As to the problem of redirecting the traffic to a changing IP, then, yes, you could FTP the IP address of your home machine on a regular basis and use a simple shell script on the laptop to update the routing tables.

Good Luck!

 

[ifincham]

Hi,

This is almost do-it-yourself ddns (dynamic dns) and I can't really see the advantage of trying this approach over just using a ddns provider. For example -->

http://dns2go.deerfield.com/

. The whole object of those kind of services is so that people can host web servers or whatever despite having an IP address that changes from time to time.

or did I miss something ?

Regards

 

[cleaner416]

thanks for the input. it would be easier to just run with a DDNS provider...but I have a router at home that gets the dynamic IP and so must DDNS clients wouldn't work. more importantly, I simply want to mess around with Linux.

Also it would be easier to do all of this stuff on the work machine, but it is not a powerful machine, (thinkpad 600) and I am afraid of 1. sucking up my company's bandwidth and 2. maxing out the machine with all of those services, which would then have to include some sort of firewall and antivirus software since it is essentially in the DMZ at work. The home machine has everything sitting comfortably behind the firewall.

 

[ifincham]

Hi,

OK - well you should be able to it with iptables code like this :


#!/bin/bash
IPADDR="192.168.1.1"
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/modprobe ip_tables
/sbin/modprobe iptable_nat
/sbin/iptables -P FORWARD DROP
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to $IPADDR


Obviously, you'd change it to read the destination address from a file or suchlike rather than leaving it static like the example of 192.168.1.1 above.

See -->

http://netfilter.samba.org/documentation/HOWTO//NAT-HOWTO.html

Hope this helps

 

[cleaner416]

Any idea how this translates to ipchains? Thanks!