Linux Network |
|
At the time of writing, I needed to access the Internet through a dial-up connection. The problem I initially had was that the Ethernet card always wanted to help as the gateway, so none of the network traffic left by the dial-up connector.
I'm sure that my solution to this isn't the best, but I edited the file
/etc/network/interfaces
so that the line that read
auto eth0
was commented out (started with a '#').
IPTables is an extremely useful part of the Linux kernel that allows you
to ignore and drop network connections. For my machine, the only connections
that I want are ones that I have started myself. To do this, I did the following
steps (as root
):
iptables -F
This tells iptables to drop all traffic that is being forwarded, and by
default drop all traffic that is coming into the machine. The exceptions
for the incoming data is anything that the laptop is sending to itself, and
anything that is due a connection initiated by the laptop through the
dial-up connection. This script will not allow the Ethernet card to use the
network. If you need to find out more about iptables, then have a look at
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -s localhost -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT
/usr/doc/iptables
.
Once this has been done, you should save the iptables settings by:
/etc/init.d/iptables save active
I found that I needed a local SMTP server to send my emails. I decided to set up Exim for this purpose. Its default configuration file was almost good enough, but I did have to add the domain name of my normal email address to its list of local hosts. That way, undelivered mail comes straight back onto the machine.
Normally this wouldn't be necessary because your ISP will provide you with an SMTP server for outgoing mails.