Subject: Please Help with IPNAT and NetBSD/Alpha
To: None <port-alpha@netbsd.org>
From: Sean J. Schluntz <schluntz@pacbell.net>
List: port-alpha
Date: 03/08/1999 09:07:11

I'm currently running: NetBSD 1.3H (GENERIC) #16: Tue Oct 20 16:49:51 PDT 1998

I've followed the directions on the NetBSD FAQ IP-NAT How-To
(http://radon.moof.ai.mit.edu/~armenb/ipnat.html), except for the part
about creating the netstart.local as I noticed that the support for IPNAT
has been added to the standard startup scripts (and netstart.local runs
_before_ the critical file systems are mounted so ipnat can't be found
anyway.)

Right now the system can see my internal network. And it can see the
outside world, but it does not pass the bits along. I have it running
named for my local domain, and it passes on the requests for other domains
correctly, but I can't ping/telnet or ftp to any of them from any of the
computers on the inside of my network (and yes the gateway is set up
correctly on the internal systems.) I don't understand why it's not
working. Do I have to turn on gated like you have to for the FreeBSD
user-ppp?

Here is my current setup:
Running NetBSD v1.3H on a DEC Multia. Currently using the stock install
of everything but games and X. de0 is attached to the cable modem (Static
IP) and de1 is attached to my internal LAN.

Ifconfig shows:

de0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 08:00:2b:e4:48:8d
        media: Ethernet 10baseT
        status: active
        inet 24.0.78.216 netmask 0xffffff00 broadcast 24.0.78.255
de1: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:00:c0:5e:b3:0b
        media: Ethernet 10baseT
        status: active
        inet 10.0.0.100 netmask 0xffffff00 broadcast 10.0.0.255
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33200

My rc.conf has the following entries:

# Networking startup
ipfilter=YES # uses /etc/ipf.conf
ipnat=YES # uses /etc/ipnat.conf
ipmon=NO ipmon_flags="-sn" # syslog ipfilter messages
# Routing daemons
routed=NO routed_flags="-q"
gated=NO gated_flags=""
mrouted=NO mrouted_flags=""

My ipf.conf file is blank.

My ipnat.conf file:

map de0 10.0.0.100/24 -> 24.0.78.216/32 portmap tcp/udp 10000:40000
map de0 10.0.0.100/24 -> 24.0.78.216/32
map de0 10.0.0.100/24 -> 24.0.78.216/32 proxy port ftp ftp/tcp

The display on boot shows: (what was on the screen, not what is in dmesg
which are different. Also I've added the -v to ipnat so it shows what
it's doing.)

...
hostname: c956029-a.haywd2.sfba.home.com
de0: enabling 10baseT port
installing packet filter rules ...
IP Filter: initialized. Default = pass all, Logging = disabled
Configuring network interface: de0de0: enabling 10baseT port de1de1:
enabling 10baseT port
add net default: gateway 24.0.78.1
adding interface aliases:
installing NAT rules ...
map de0 10.0.0.0/24 -> 24.0.78.216/32 portmap tcp/udp 10000:40000
0x0 0 0.0.0.0 0 3
map de0 10.0.0.0/24 -> 24.0.78.216/32
0x0 0 0.0.0.0 0 0
map de0 10.0.0.0/24 -> 24.0.78.216/32 proxy port ftp ftp/tcp
0x0 0 0.0.0.0 0 0
start system logger.
...

What you see from ipnat -l:

ttyp0 c956029-a-root> ipnat -l
List of active MAP/Redirect filters:
map de0 10.0.0.0/24 -> 24.0.78.216/32 portmap tcp/udp 10000:40000
map de0 10.0.0.0/24 -> 24.0.78.216/32
map de0 10.0.0.0/24 -> 24.0.78.216/32 proxy port 21 ftp/tcp
List of active sessions:

What you see from ipnat -s:

ttyp0 c956029-a-root> ipnat -s
mapped in 0 out 0
added 0 expired 0
inuse 0
rules 3

Any help would be greatly appreciated!

Thanks,
-Sean.
---
Sean J. Schluntz schluntz@agames.com
Sr. Office Systems Administrator 408-434-5804
Atari Games Corporation http://www.agames.com
Mountain Dew and doughnuts...because breakfast is the most
important meal of the day. - ???