Re: IPmasquerading HELP for LINUX server EMERGENCY
*- Bruce Jackson wrote about "IPmasquerading HELP for LINUX server EMERGENCY"
| I am having a huge problem with ipmasquerading. My network and ppp
| connection appears to works by themselves. Once I try to use
| ipmasquerading I cannont do anything. I cannot connect to anything
| (either LAN or Internet) I use a modem to access the Internet. When
| ipmasquerading is turned on I cannot ping, traceroute, or use DNS for
| LAN or Internet. I am really starting to pull my hair out as this is
| absolutely necessary for using this Linux box to connect the LAN at work
| to the Internet. If I cannot get this to work, it will be back to NT.
| WE DON`T WANT THAT. Please if anyone can give step by step instructions
| for setting up ipmasquerading using PPP over a modem connection I would
| be very greatfull. I have looked at the ipmasquerading HOW-TO and it is
| very poorly written and not very helpful. I have looked in dejanews to
| no avail. I have tried setting it up by hand and using the dotfile
| generator. Nothing has worked so far.
This is my setup.
Win95 - eth0 - Linux - ppp0 - ISP
For the kernel config you need to have the following set(at least) and
then build a new kernel and reboot.
# Networking options
#
CONFIG_FIREWALL=y
# CONFIG_NET_ALIAS is not set
CONFIG_INET=y
CONFIG_IP_FORWARD=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_SYN_COOKIES is not set
CONFIG_IP_FIREWALL=y
# CONFIG_IP_FIREWALL_VERBOSE is not set
CONFIG_IP_MASQUERADE=y
#
# Protocol-specific masquerading support will be built as modules.
#
# CONFIG_IP_MASQUERADE_IPAUTOFW is not set
# CONFIG_IP_MASQUERADE_ICMP is not set
# CONFIG_IP_TRANSPARENT_PROXY is not set
CONFIG_IP_ALWAYS_DEFRAG=y
# CONFIG_IP_ACCT is not set
# CONFIG_IP_ROUTER is not set
# CONFIG_NET_IPIP is not set
Then put the following somewhere, I have it in /etc/init.d/network.
ifconfig eth0 192.168.1.1 netmask 255.255.255.0 up
route add -net 192.168.1.0 netmask 255.255.255.0 eth0
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
You should also add your other hosts to your /etc/hosts file.
Thats it. It works for me. I gathered all this from the ethernet,
net-3, and ipmasq howto's.
Good luck,
--
Brian
---------------------------------------------------------------------
"Never criticize anybody until you have walked a mile in their shoes,
because by that time you will be a mile away and have their shoes."
- unknown
Mechanical Engineering servis@purdue.edu
Purdue University http://www.ecn.purdue.edu/~servis
---------------------------------------------------------------------
Reply to: