[Truepop]

I am not the sharpest tack on the chair when it comes to networking.

My situation. I am a college student who is on a network that is behind a strict firewall and AIM, POP3, and other ports are blocked. I am thinking about getting a dial-up connection to use AIM and check my email with mail.app and access my idisk within the next few days I have before I choose not to renew it.

My question, would I be able to be on the network and have my computer dialed up at the same time? Better yet, have my computer know ports like 80 and 21 to use the network connection while the other ones use the dial-up?

If so, how?

[Camelot]

You can certainly use both network interfaces (ethernet and dial-up) at the same time.

By default, the ethernet port will handle any traffic on the same local subnet and dialup interface will handle all other traffic.

It isn't possible (or, at least, extremely tricky) to route traffic by port, so that port 80 goes through one interface and other ports go through the other, but generally routing by IP address is better, anyway.

[Truepop]

Thanks for the reply.

So it is possible to set port routing or not?

Edit: Whoa I remember having my 200th post not so long ago what happened? ohh well.

[superlarry]

i think you should be able to do it on the command line with ipfw (the "IP firewall and traffic shaper control program"), but unfortunately i don't know much about it. try "man ipfw" for documentation. you have to run it from the terminal (/Applications/Utilities/Terminal.app). you'll also have to run the commands as root, so either use "sudo" before each command (it will ask for your admin password) or enable root access (i recommend the former because root can break stuff).

the commands will look something like:
ipfw add divert 80 all from any to any via eth0

(eth0 is your built-in ethernet, and ppp0 will be your dialup).
i'm not sure this can be used to switch interfaces as easily as it can be used to switch ports.
to get this stuff to work, you'll have to change IPFORWARDING from -NO- to -YES- in /etc/hostconfig (you'll have to do this as root, too). you can edit this file with "sudo pico /etc/hostconfig").

"sudo ipfw show" will show you a list of the current rules.

probably the most important thing to know: if you mess up, "sudo ipfw -f flush" will force the rules to reset if you mess up or would like to try something again. this will override the "firewall" preferences set in the system preferences (which use ipfw). restarting the machine will reset the ipfw rules to their normal state (in case you, for example, block access to your own machine from your own machine).

humm.. good luck. don't get a headache. and post if you get this to work because it'd be neat :c)

[ghporter]

One reason your school has such a strict firewall is to protect the network from the kind of stuff that can slip in through email, AIM, KaZaA, and so on. I give you two words of advice: Get, run and keep up to date a good antivirus package; and never have both the ethernet connection and the dialup connection on at the same time.

The first item is to protect you from the crap that's out there; yes there is stuff that will hurt Macs. The second item is to let the antivirus package do its thing on what comes in on the dialup so you don't wind up being the "gateway" for a big network infection.

[Truepop]

when I do use my dailup connection and even when I don't, I use the firewall that os x has built in and I have virex but will be switching to norton because I am dropping .mac.

I am not a paranoid person. I have been using macs since 1991, windows since 1996 and I had a commodore64 since I can remember. I have only had one virus on the mac (I don't even think it was a virus...sevendust or 666 extension whatever you want to call it.) and I got a copy of the Cowdog extension from a friend. the one that apple uses for technician test. it is an extension that when installed makes all test files say MOOF! over and over again. great for jokes.

Windows I didn't have too many but I had a virus scanner.

thanks for your replies though. I found many linux commands that would do the job very easily I might add but they are built on to the kernel. I am still looking in to it though.

Jonathan