Re: IPmasquerading HELP for LINUX server EMERGENCY

To: bjackson@pobox.com
Cc: debian-user@lists.debian.org
Subject: Re: IPmasquerading HELP for LINUX server EMERGENCY
From: servis@purdue.edu
Date: Wed, 2 Sep 1998 07:23:25 -0500 (EST)
Message-id: <[🔎] E0zEBwh-0006Jh-00@brian.servis.snet>
Reply-to: servis@purdue.edu
In-reply-to: <[🔎] 35ED3193.EF901E35@pobox.com>

*- Bruce Jackson wrote about "IPmasquerading HELP for LINUX server  EMERGENCY"
| I am having a huge problem with ipmasquerading.  My network and ppp
| connection appears to works by themselves.  Once I try to use
| ipmasquerading I cannont do anything.  I cannot connect to anything
| (either LAN or Internet)  I use a modem to access the Internet.  When
| ipmasquerading is turned on I cannot ping, traceroute, or use DNS for
| LAN or Internet.  I am really starting to pull my hair out as this is
| absolutely necessary for using this Linux box to connect the LAN at work
| to the Internet.  If I cannot get this to work, it will be back to NT. 
| WE DON`T WANT THAT.  Please if anyone can give step by step instructions
| for setting up ipmasquerading using PPP over a modem connection I would
| be very greatfull.  I have looked at the ipmasquerading HOW-TO and it is
| very poorly written and not very helpful.  I have looked in dejanews to
| no avail.  I have tried setting it up by hand and using the dotfile
| generator.  Nothing has worked so far.


This is my setup. 

Win95 - eth0 - Linux - ppp0 - ISP


For the kernel config you need to have the following set(at least) and
then build a new kernel and reboot.

# Networking options
#
CONFIG_FIREWALL=y
# CONFIG_NET_ALIAS is not set
CONFIG_INET=y
CONFIG_IP_FORWARD=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_SYN_COOKIES is not set
CONFIG_IP_FIREWALL=y
# CONFIG_IP_FIREWALL_VERBOSE is not set
CONFIG_IP_MASQUERADE=y

#
# Protocol-specific masquerading support will be built as modules.
#
# CONFIG_IP_MASQUERADE_IPAUTOFW is not set
# CONFIG_IP_MASQUERADE_ICMP is not set
# CONFIG_IP_TRANSPARENT_PROXY is not set
CONFIG_IP_ALWAYS_DEFRAG=y
# CONFIG_IP_ACCT is not set
# CONFIG_IP_ROUTER is not set
# CONFIG_NET_IPIP is not set


Then put the following somewhere, I have it in /etc/init.d/network.

ifconfig eth0 192.168.1.1 netmask 255.255.255.0 up
route add -net 192.168.1.0 netmask 255.255.255.0 eth0
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0

You should also add your other hosts to your /etc/hosts file.

Thats it.  It works for me.  I gathered all this from the ethernet,
net-3, and ipmasq howto's.

Good luck,

-- 
Brian 
---------------------------------------------------------------------
"Never criticize anybody until you have walked a mile in their shoes,  
 because by that time you will be a mile away and have their shoes." 
							   - unknown  

Mechanical Engineering                              servis@purdue.edu
Purdue University                   http://www.ecn.purdue.edu/~servis
---------------------------------------------------------------------

Reply to:

Follow-Ups:
- Re: IPmasquerading HELP for LINUX server EMERGENCY
  - From: Michael Beattie <mickyb@es.co.nz>

References:
- IPmasquerading HELP for LINUX server EMERGENCY
  - From: Bruce Jackson <bjackson@pobox.com>

Prev by Date: IPmasquerading HELP for LINUX server EMERGENCY
Next by Date: Re: locking kernel, bzImage and zImage same size?
Previous by thread: IPmasquerading HELP for LINUX server EMERGENCY
Next by thread: Re: IPmasquerading HELP for LINUX server EMERGENCY
Index(es):
- Date
- Thread