- 11-15-2007 #1
Adding Work Laptop to Home LAN with iptables firewall
I'm having trouble figuring out how to do this.
I've got a Work Laptop that I bring home once in a while and need to connect to the Internet. My Home LAN is running a firewall through a linux server using iptables.
The firewall uses a variable $INTNET="192.168.0.0/24" for the iptables commands, but this excludes the work laptop IP address. The laptop address is set by work IT and could be something like 162.97.xxx.yyy. (I can't set the laptop IP address, but I suspect it changes, say, once a month when I'm hooked to the work LAN.) I know that I have to add the laptop to the hosts.allow file, but the firewall won't let me connect, and I assume it is because of the 192.168.0.0/24 allowed range.
Here is the question....
Is there an elegant way to add the laptop IP address to variable $INTNET? Or do I have to add another iptables line including the laptop IP address everywhere in my firewall script?
I've tried $INTNET="192.168.0.0/24 162.97.xxx.yyy" and that didn't work. Perhaps it is my syntax?
I've looked through some forums and Google hasn't been my friend for this one...
Hoping to hear from someone.
- 11-17-2007 #2
- Join Date
- Nov 2007
The question is, do you have administrative rights to that laptop anyway?
Because you can't know the IP of that laptop unless you have them; in most cases ifconfig won't work under a normal user, it will work under root. So you have to know the real IP and whether it's static, because if it's DHCP, then you need to set up your home gateway to act as a DHCP server.
All the best
- 11-17-2007 #3
Howdy Robin, thanx for your interest!
I do know the IP address of the laptop; I can get it through the Windows command "ipconfig". I do not know if the address is always the same; perhaps it is, perhaps it is not. I do not have admin privileges on the laptop, as it is the company's IT policy.
I thought that if I knew the IP address of the machine, I could allow connecting and allow firewall access to the internet.
I'm not sure if DHCP is the answer as I am not using it in the gateway.
I guess the real question is how can I get the script variable $INTNET to include addresses in the block 192.168.0.0/24 and one other specific address or do I need a second variable? Can I describe the variable as a vector (or matrix)? If so, how?
I'm going to try a second variable name and add lines to the iptables script for INPUT, OUTPUT and FORWARD with that address, but I thought a more elegant solution would be to include the address in the existing variable.
I'll post later when I know how it works. In the meantime, anyone out there know a way to do this?
- 11-17-2007 #4
- Join Date
- Nov 2007
- 11-17-2007 #5
Thanx for the info, I was familiar with the resource and found it helpful when I originally set-up my LAN, but it doesn't really help out in what I want to do.
Perhaps some clarification....This is what works:
5 linux boxen
4 windows boxen
Linux Gateway &
What I want to do is add another Windows Box (My Work Laptop) on the top so it can contact the 'Internet Cloud'. The problem is that I cannot assign a 192.168.0.0/24 IP address to 'My Work Laptop' and must use the one provided. But the one provided does not get through the firewall. I'm using an iptables script with a variable named $INTNET="192.168.0.0/24" that is called by every iptables rule. I do not need the other 9 boxes to talk to 'My Work Laptop'.
How do I get the variable $INTNET to equal "192.168.0.0/24" and "the provided laptop IP address"? (Or is this a hopeless approach?)
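
As an added example (not from any poster in this thread): a shell variable can hold several source networks if the script loops over it and emits one rule per entry, and the assignment itself is written without a leading `$`. The interface names, the laptop address (a documentation-range placeholder) and the FORWARD/MASQUERADE rule layout are assumptions, because the original firewall script is not shown.

```shell
#!/bin/sh
# Added example: one variable holding several trusted source networks.
# All addresses and interface names are constructed placeholders.
set -f                                    # no filename globbing when the list is split
INTNET="192.168.0.0/24 198.51.100.25/32"  # LAN block + laptop (placeholder address)
INTIF="eth1"                              # assumed LAN-facing interface
EXTIF="eth0"                              # assumed Internet-facing interface

# Return 0 only for a well-formed IPv4 address with an optional /prefix.
valid_cidr() {
    case $1 in *[!0-9./]*) return 1 ;; esac
    addr=${1%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    oldifs=$IFS; IFS=.
    set -- $addr                          # split the address into octets
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print one rule set per source network. Every entry is validated first,
# so a malformed list produces no rules at all (fail closed).
build_rules() {
    for net in $1; do
        valid_cidr "$net" || { echo "bad source: $net" >&2; return 1; }
    done
    for net in $1; do
        echo "iptables -A FORWARD -i $INTIF -o $EXTIF -s $net -j ACCEPT"
        echo "iptables -t nat -A POSTROUTING -o $EXTIF -s $net -j MASQUERADE"
    done
    echo "iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Dry run: print the commands. To apply them as root: build_rules "$INTNET" | sh
build_rules "$INTNET"
```

Listing the laptop as a /32 keeps the extra trust limited to that single address instead of widening the LAN range.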