port-arm32: IP-masquerading on RiscBSD v1.3a

Subject: IP-masquerading on RiscBSD v1.3a
To: None <port-arm32@NetBSD.ORG>
From: Ib-Michael Martinsen <imm@riscpc.dk>
List: port-arm32
Date: 06/21/1998 17:37:39
Hello there.

I have build a small network with the following layout:

Machine		OS		network-address
RiscPC		RiscBSD		192.168.0.1
PC		Win95		192.168.0.2
A410		RISC OS		192.168.0.3

The RiscPC acts as the internet-gateway via a ppp-connection
to my ISP. I would like to be able to access the internet from
the PC and the A410 and have read that IP-masquerading is the
proper technique for this. A search for IP-masquerading gave
me some LINUX howto's on the subject, which I have read.

In LINUX you use the command ipfwadm to set up masquerading,
but unfortunately this command is not present in my version
of RiscBSD. I found ipf on RiscBSD to be the nearest lookalike
to ipfwadm, although the man-pages does not mention anything
about masquerading. Can anybody provide me with a suitable
example on how to do it?

Anyway, I made the following ipf.conf file:

<Start of file>
# block all inbound packets
block in log all

# but allow incoming to 192.168.0.x
pass in from any to 192.168.0.1/255.255.255.0
pass in from any to 192.168.0.2/255.255.255.0

# log all outgoing traffic
log out all
<End of file>


but when I execute the command: ipf -f ipf.conf
I get the error:

root@nethotel:/etc => ipf -f ipf.conf
open device: Device not configured
ioctl(SIOCADDFR): Bad file descriptor
ioctl(SIOCADDFR): Bad file descriptor
ioctl(SIOCADDFR): Bad file descriptor
ioctl(SIOCADDFR): Bad file descriptor


Likewise the ipfstat command gives the following error:

root@nethotel:/etc => ipfstat
open: Device not configured

According to the man pages the standard device is /dev/ipl
which (among others) is defined as 


root@nethotel:/etc => ll /dev/i* 
crw-------  1 root  wheel   42,   0 Mar  2 19:32 /dev/iic
crw-------  1 root  wheel   46,   3 Mar  2 19:33 /dev/ipauth
crw-------  1 root  wheel   46,   0 Mar  2 19:33 /dev/ipl
crw-------  1 root  wheel   46,   1 Mar  2 19:33 /dev/ipnat
crw-------  1 root  wheel   46,   2 Mar  2 19:33 /dev/ipstate


What do I have to do to get ipf and ipfstat to work?


Best regards
   Ib-Michael
-- 
Ib-Michael Martinsen		Email at work: dtpimm@dsg.dk
Fidomail:      2:234/181.9	Email at home: imm@nethotel.dk

Running RiscBSD v1.3a on an Acorn RiscPC with a 202.4 MHz StrongArm processor.

-- 
Ib-Michael Martinsen		Email at work: dtpimm@dsg.dk
Fidomail:      2:234/181.9	Email at home: imm@nethotel.dk

Running RiscBSD v1.3a on an Acorn RiscPC with a 202.4 MHz StrongArm processor.