[1838] in linux-net channel archive

Re: Need help to connect to ISP!

daemon@ATHENA.MIT.EDU (Todd Fries)
Mon Feb 5 00:28:19 1996

To: mikedlr@indy.unipress.waw.pl (Michael De La Rue)
Date: 	Sun, 4 Feb 1996 14:29:17 -0600 (CST)
Cc: gstein@eshop.com, Jims@glix.com, sayer@imaginet.fr,
        linux-admin@vger.rutgers.edu, linux-net@vger.rutgers.edu
In-Reply-To: <Pine.SGI.3.91.960202073752.3230D-100000@indy.unipress.waw.pl> from "Michael De La Rue" at Feb 2, 96 08:21:07 am
From: tfries@umr.edu (Todd Fries)

> If you have only one IP address, then you have only one machine to send 
> packets to.  Ah, you say, but my machines all have different addresses, 
> 192.x.x.x.  But this is where the problem is: 192 is an address that can't 
> send packets outside.  Anyone can construct a 192.x network (including 
> one with exactly the same addresses as you) and connect it safely to the 
> internet anywhere, but only because no gateway/router/brouter on the 
> internet will (should :-) ever transfer 192 packets, so those machines 
> can never communicate outside their network.

What RFC states the use of this address?  I thought that 192.168.x.x and
110.10.x.x were the 2 reserved networks.  I didn't realize that 192.x.x.x
was open for use...I thought I've connected to 192.x.x.x address over
internet?  Maybe I'm wrong..

> SOCKS firewall:- This is fine as long as you have every program you want
> to run SOCKS aware (replace libraries and they should all work except for
> any which have been statically compiled etc..).  But you still don't count
> as properly connected.  For example, running an FTP server on your PC
> won't work properly.  

Ah, I now understand the limitations of SOCKS.

> Now here's where you could be really clever.  Build a connection system
> (into the gateway code of linux) which remaps internet connections from
> the PC on its ftp port to a different port on your linux machine.  Then,
> it will seem as if your Linux machine has two ftp servers running, and you
> can connect to the second one with
> 
> ftp your.machine.name 3435

This is called 'bouncing' incoming connections to pre-selected ports on 
an internal network..I personally know someone who has written a program
for this purpose, but he refuses to allow just anyone to use it, and
furthermore, he absolutely denies me access to the source...

What I believe one could use is ip_masquerading.  It at least gives the
machines on the local network access to internet.

> Alternatively, you could change service provider.

> Serious service providers provide static addresses.  The address is meant 
> to identify the machine.  Just because it's cheaper doesn't mean it's 
> better.  

Some of us don't want to pay for primetime services.  Many would rather get an
ip on internet whenever we dialup for a fixed rate.  Others, like me,
have no choice in the matter, as dialups provided by the University don't
provide fixed ip's, rather dynamic ones, one per modem.

-- 
Todd Fries...tfries@umr.edu
http://www.cs.umr.edu/~tfries
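
The port remapping discussed in the message above, as an added example that is not part of the original post or of any program it mentions: a small user-space TCP relay in Python that accepts connections on one port and forwards them to an internal host. The function names and the `allowed_sources` allowlist are assumptions made for illustration.

```python
import contextlib
import ipaddress
import socket
import threading

def pipe(src, dst):
    """Copy bytes one way until src reaches EOF, then half-close dst."""
    with contextlib.suppress(OSError):      # peer reset or socket already closed
        while data := src.recv(4096):
            dst.sendall(data)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)        # pass the EOF along to the other side

def handle(client, peer_ip, target, allowed):
    """Relay one accepted connection to target if peer_ip is permitted."""
    ip = ipaddress.ip_address(peer_ip)
    if allowed and not any(ip in net for net in allowed):
        client.close()                      # source is outside the allowlist
        return
    try:
        upstream = socket.create_connection(target, timeout=10)
    except OSError:
        client.close()                      # internal host unreachable
        return
    upstream.settimeout(None)
    back = threading.Thread(target=pipe, args=(upstream, client), daemon=True)
    back.start()                            # internal host -> outside client
    pipe(client, upstream)                  # outside client -> internal host
    back.join()
    client.close()
    upstream.close()

def start_relay(listen_addr, target, allowed_sources=()):
    """Listen on listen_addr; an empty allowed_sources permits every source."""
    allowed = [ipaddress.ip_network(n) for n in allowed_sources]
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(listen_addr)
    srv.listen(16)
    def accept_loop():
        while True:
            try:
                client, peer = srv.accept()
            except OSError:
                return                      # listening socket was closed
            threading.Thread(target=handle, daemon=True,
                             args=(client, peer[0], target, allowed)).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv
```

A relay like this carries only the single TCP connection it accepts. FTP opens separate data connections whose addresses travel inside the protocol (PORT/PASV), so forwarding the control port alone does not give a complete FTP session.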
