Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

web filtering and samba on a home network

Status
Not open for further replies.

spizotfl

MIS
Aug 17, 2005
345
US
Hi everyone. I have three computers: a windows laptop, a linux box, and a windows desktop. I was recently tasked with coming up with a web filtering solution to prevent a 12 year old boy from looking for the sorts of things 12 year olds sometimes look for. I have managed to hack around my network and have added a nic to the linux box that connects to the windows desktop. All of the windows traffic is now filtered and things are happy and wonderful on that front. I have set up Samba on my workgroup and from each windows box I can see the Samba share. From the linux box I can see each windows box. Hooray!

So what's the problem? I would like to see the laptop from the windows desktop and vice versa. I figure there is quite a bit for me to learn on this subject, so I am looking for guidance.

The setup is like this:
The laptop ip is 192.168.5.100
eth0 on the linux box is 192.168.5.101 (external facing)
eth1 on the linux box is 192.168.6.1 (internal facing)
the windows desktop ip is 192.168.6.10 and has eth1 as the gateway.

At some point i plan on reworking the whole setup, but for now if it is possible to make this setup work, that would be cool.

Just had a thought, i am guessing that i need some sort of routing or iptables forwarding, but not sure how to go about it....

Thanks for reading....

"Maturity is a bitter disappointment for which no remedy exists, unless laughter can be said to remedy anything."
-Vonnegut
 
You didn't say why you are using two different subnets. If you can have them all on either 192.168.5 or 192.168.6, that would help a lot.
 
RhythmAce:
I guess spizotfl logic is that he wants the laptop to have direct (unfiltered) access to the net by bypassing the Linux box.

spizotfl
The best way of solving your problem is as RhythmAce suggested else you have to do a 2 way PAT of port TCP-445 on your firewall and setup the WINS service on your Samba server.

--== Anything can go wrong. It's just a matter of how far wrong it will go till people think its right. ==--
 
The reason why I haven't put them on the same subnet is that I keep having problems when I try it. I don't want the laptop filtered, just the windows desktop. I may well be missing something when I try and put them on the subnet. If it would work they way I want it to on the same subnet, then I will go back to trying to hash that out.
Thanks for the quick replies....

"Maturity is a bitter disappointment for which no remedy exists, unless laughter can be said to remedy anything."
-Vonnegut
 
How about putting everything on the same subnet then use iptables to put the laptop in the dmz?
 
Keep the laptop behind the Linux machine and a prerouting rule and transparently redirect only the desktops requests to a proxy/filter.

--== Anything can go wrong. It's just a matter of how far wrong it will go till people think its right. ==--
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top