Wow, clarkconnect doesn't have development tools installed by default. Besides this software will expire within a year, I dont want to recompile the kernel again annually.

Since squid packets can't be marked without ROUTE mangle, how about I put it this way:

Yes this is more simple, divert all connections excluding squid/other ports to WAN2.
Sorry, I'm really bad with iptables

from what i read, it's not advisable to install development package in any dedicated router. usually after i compile something, i removed it back. i might be wrong though

yeah, security wise yes but not that much. You wouldn't know some people who managed to break in might compile sniffers or custom "files" in your router.

No, that wouldn't be possible, you'll be needing wireless router or WAP(wireless access point), It works just like a normal switch except, its wireless.

In former problem:
No, there is no need for squid patching. My mangle rule is wrong, the correct one is already answered in the mailing list. That is change from:
iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark 2
to
iptables -A OUTPUT -t mangle -p tcp --dport 80 -j MARK --set-mark 2
For a while i was confuse with chain OUTPUT because i guess it evaluated after routing already done, but the truth is not. See http://l7-filter.sourceforge.net/PacketFlow.png to see how routing is decided.
After that, just follow for the rest.

Current setup:
- I would prefer the former rather than later as it's cleaner approach. If you decide to use this setup, you'll need to mark every packet except tcp dport 80. This would also increase unnecessary processing overhead. But the concept is still the same:
- route only happen at IP layer, so it don't know about TCP port number. So it needs help from iptables.
- iptables know about TCP layer, so it can check the source/dest port for each packet. To work with route, iptables will mark the necessary packet with special "tag".
- route see packet with special "tag", send them to correct interface (eg: wan2).

Notes:
- iptables know nothing about application layer. So if you want up to application control(eg: http only, not port 80 tcp), then you'll need another piece of software. (Eg: snort-inline). But remember, the higher TCP layer you use, the higher processing overhead would occur. So, for this example i'll just use tcp port 80 which should be adequate.

If your card support hostap, it can be converted to Access Point.
http://hostap.epitest.fi/

I see, so what you want is High-Availability(HA) not High Performance(HP). If i recall correctly, you'll need a daemon to monitor line status. If fail, then failover.. maybe this site could help you:
http://www.linux-ha.org/

err .. if I need to put wireless ? I just connect my wireless access point to the switch ?

If I am using wireless router , do I need to set anything on the wireless router ?

erm.. I do not really understand here.. Let me try to get you..
Is is what you are trying to say is,

1) 1st NIC is connected to internet
2) 2nd NIC is acctually a somesort of PCI wireless access card(does this exist??)

OR can be drawn like this,



you quoted, If your card support hostap, are you refering to NIC card?

sorry for the noobness.. It just that I got a picture in my mind but not sure on how to do it in real life..

he was mentioning abt whether if the pci wireless card support hostap

thanks.. that means this DIY router can be made into DIY wireless router also..

Linux is free, safe, fast and no limits.

Btw, Windows put a limit on how many can connect to your pc, though hackers got a way around long long time ago.


I got no computer to do that, my Pentium 233 mhz pc died 3 to 5 years ago.

Thanks, I'll try that on monday

hey guys, can ClarkConnect added with any Bit TOrrent/Download module? i mean any idea? if not any other recommend software that can do such thing? but i also need NAS+Router+download station+webserver

hi, thanks bro.
but i m very very new to linux, especially this type of router configurations. the most i did on linux was to boot off the ubuntu live cd.
any recommended config, like ipcop to put up a working router first? (put aside the multi wan thing n as long as i can control audio streaming as it created havoc in the office network)
any more links to read?

need what kinda of modem? Nomal old school dial up modem can or not?

u have to use ADSL modem

no no no..u wilson88 are wrong.
ipcop acts like a router it it givs NAT service to yout network computers. You can use 56k or ISDN modem to connect to internet too.but there's no point sharing that 56k dial up speed among ur computers rite?

How abt reading my tutorial in my link that i've posted in my 1st post? It's abt from installing the ipcop up until setting up streamyx account. With screenshots of course for easier understanding.
http://forum.lowyat.net/index.php?showtopi...dpost&p=8910498
For audio streaming control, you'll need to install extra Advance Qos. You can apply rules for audio streamings. like say..reserve or limit 20% of the bandwidth for it

This post has been edited by syyang85: Nov 6 2006, 12:04 AM

err .... hi, still how to get BT/FTP/Direct download working with ClarkConnect or any other ... any idea how? thanks!

I kena pwned !!

hahahaha sorry , my mindset was set to ADSL I didn't think of 56k I kick 56k out of my mind ade

did read ur tutorial. hv to read more as this stuff is quite new to me..haha...
hv to figure out when i get my hands on it.

Too bad i dun hav two lines. If no,t i definitely gonna try that out. Double the speed!