Subject: IPNAT problem
To: None <netbsd-help@netbsd.org>
From: Oliver <oliverko@dialup.nacamar.de>
List: netbsd-help
Date: 11/18/1999 09:27:59
Hello,

I've installed NetBSD 1.3.2 (I know it's obsolete but I will migrate if I get the 1.4.1 version on CD). This box is intended to be a dialup server for my other hosts.

MyISP <--> modem <--> NetBSD box (192.168.1.1) <--> ethernet <--> FreeBSD box (192.168.1.6)

What I did:

1. patched the kernel for ipnat bug (diff-ipnat.gz)
2. recompiled the kernel with GATEWAY option
3. in rc.conf set IPFILTER to YES
4. create empty /etc/ipf.conf
5. in /etc/netstart
       if [ -f /etc/ipnat.conf ]; then
           /usr/sbin/ipnat -f /etc/ipnat.conf
       fi
6. in /etc/ipnat.conf
       map ppp0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000
7. setup pppd with demand option
8. in rc.conf defaultroute="", ppp_peers=nacamar

If I start an ftp session to ftp.netbsd.org all works fine, but if I try the same from the FreeBSD box the NetBSD system makes a connection to my ISP but nothing returns (no ftp login). The command ipnat -l (on dialup server) prints:

    192.168.1.6 1029 <--> 62.144.243.25 1029
    192.168.1.6 1028 <--> 62.144.243.25 1028
    192.168.1.6 1027 <--> 62.144.243.25 1027

Shouldn't the ports be between 10000 and 40000?

Another strange behaviour: if I make a telnet from FreeBSD to NetBSD, the NetBSD box brings up the ppp0 to the ISP. Why? The /etc/resolv.conf looks on both systems like:

    lookup file bind
    domain network.de
    nameserver 195.185.185.195
    name server 194.162.141.17

the /etc/hosts file

    192.168.1.1 a21064.network.de a21064 (FreeBSD)
    192.168.1.6 k6v1fb k6v1fb.network.de

What could I do in order to fix the problems (maybe they are related to each other)?

thanx,
Oliver
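
Added example, not part of the original message: a Python check that reads the map rule from step 6 and the three `ipnat -l` lines quoted above, and lists the entries whose translated port falls outside the rule's portmap range. The function names and the four-column line layout (the message's abbreviated form) are assumptions.

```python
import re

# Rule and table lines as quoted in the message. The four-column table form
# is the message's abbreviation (assumed layout), not full `ipnat -l` output.
RULE = "map ppp0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000"
TABLE = """\
192.168.1.6 1029 <--> 62.144.243.25 1029
192.168.1.6 1028 <--> 62.144.243.25 1028
192.168.1.6 1027 <--> 62.144.243.25 1027
"""

RULE_RE = re.compile(
    r"^map\s+\S+\s+\S+\s+->\s+\S+"
    r"(?:\s+portmap\s+\S+\s+(?P<lo>\d+):(?P<hi>\d+))?\s*$")
ENTRY_RE = re.compile(
    r"^(?P<in_ip>\S+)\s+(?P<in_port>\d+)\s+<-+\s*-*>\s+"
    r"(?P<out_ip>\S+)\s+(?P<out_port>\d+)\s*$")


def parse_portmap(rule):
    """Return (low, high) from a map rule's portmap clause, or None."""
    m = RULE_RE.match(rule.strip())
    if not m:
        raise ValueError("not a map rule: %r" % rule)
    if m.group("lo") is None:
        return None
    lo, hi = int(m.group("lo")), int(m.group("hi"))
    if not 0 < lo <= hi <= 65535:
        raise ValueError("bad portmap range %d:%d" % (lo, hi))
    return lo, hi


def unmapped_entries(rule, table):
    """Return (inside_ip, inside_port, outside_port) for every table entry
    whose outside port lies outside the rule's portmap range."""
    rng = parse_portmap(rule)
    if rng is None:
        return []
    found = []
    for line in table.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m and not rng[0] <= int(m.group("out_port")) <= rng[1]:
            found.append((m.group("in_ip"), int(m.group("in_port")),
                          int(m.group("out_port"))))
    return found
```

On the quoted data, `unmapped_entries(RULE, TABLE)` returns all three entries, matching the observation that ports 1027 to 1029 were left outside 10000:40000.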