A site for solving at least some of your technical problems...
A site for solving at least some of your technical problems...
Today I was requested by my wife to make her Nook work on our wireless network (she usually can use our neighbors but the connection drops all the time.)
The Nook makes use of DHCP only. So on my static IP address only network, it's kinda not going to work as is! (I must have static IP addresses for security so I can setup a strong firewall.)
So I had to go through a few hoops as follow to get everything to work. Interestingly enough I have not found another website that was talking about such things and their solutions on Linux.
Oh! Wait! Nookers are probably not Linux users. Ha! Ha! Anyway, sorry for the sarcasm...
I have a Belkin router for the wireless network. In generall all the computer on the network, wireless or not, are assigned a static IP address. But the router doesn't really care as long as it is in the right network (i.e. 192.168.x.x)
However, I have to have the strong encryption (WAP2) and protect connections using the Mac address. Without that, the Nook would not even connect to the router. Once I had that IP address, it would connect to the router and say so on the Nook (that is pretty well done, if I might say.)
Since there is no way to setup the IP address on the Nook, I have to run the DHCP server. First install it:
apt-get install dhcp3-server
Then configure it. This is where we assign a static IP address to the device. Any other address offered through the DHCP server will be blocked by the firewall anyway. So, in the configuration you need something like this:
subnet 192.168.120.0 netmask 255.255.255.0 { range 192.168.120.100 192.168.120.109; option subnet-mask 255.255.255.0; option broadcast-address 192.168.120.255; option routers 192.168.120.1; }
Note that 192.168.120.x is my intranet. In other words, that network is only for my computers at home and they do not have direct access to the Internet. Instead they all have to run through my server (although they don't have access to my server either.)
So... now we reserved the addresses from 100 to 109 on the 192.168.120.x network to the DHCP server. This represents a specific interface and thus we should only run the DHCP server on that one interface. This is defined in the INTERFACES variable in file /etc/default/isc-dhcp-server (this is on Ubuntu, at least.)
For example, if that's on your eth1 network card, use INTERFACES="eth1". If you use bridges on your network, then maybe you want to use INTERFACES="br3".
Finally, the dhcp.conf file needs a host entry to force the IP address of our new friend. This is done with:
host nook { next-server nook.example.com; hardware ethernet 11:22:33:44:55:66; fixed-address 192.168.120.102; }
Here we go. The DHCP server is told the Nook device MAC address (which is part of the network negociation, really.) We use that MAC address to specifically assign a fixed address to that device with the fixed-address command, here 192.168.120.102.
Now that your new device has a fixed IP address, you can setup your firewall to let it go out on the Internet on its own. For example, I use something like this for the FORWARD list:
-A FORWARD -i eth0 -o eth1 -p tcp -m state --state ESTABLISHED,RELATED -m tcp ! -s 192.168.120.1 -d 192.168.120.102 ! --syn -j ACCEPT
(this is one long line, broken up in two for better presentation on this Snap! website.)
This means we let traffic on established TCP connections flow through as long as it looks valid and it definitively for the Nook device.