port-i386: Re: router

Subject: Re: router
To: Dr. Richard Lin <lin@mail.nsysu.edu.tw>
From: David Vyskocil <david.vyskocil@wanadoo.fr>
List: port-i386
Date: 04/08/2002 14:12:35

I've configured up a box as a host/router by setting IPNAT and IPF.
- IPNAT to route my local network (2 ethernet cards) and Internet (ADSL
modem)
- IPF to act as a firewall

#cat /etc/ipnat.conf
map tun0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map tun0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map tun0 192.168.1.0/24 -> 0/32
map tun0 192.168.2.0/24 -> 0/32 proxy port ftp ftp/tcp
map tun0 192.168.2.0/24 -> 0/32 portmap tcp/udp 40000:60000
map tun0 192.168.2.0/24 -> 0/32

#cat /etc/ipf.conf
pass in from any to any
pass out from any to any

#cat /etc/hosts
::1                    localhost
127.0.0.1        localhost
192.168.1.1     routeur.home     routeur
192.168.2.1     routeur.home     routeur
...

You must enable packet forwarding and some misc stuff in kernel.
Look at /usr/share/examples/ipf/ for some examples.

> Dear All,
>
> I would like to run a host as a router, but I need not run the RIP in the
> router (i.e., I would use the static routing table). Which daemon should I
> run in the router? (routed, gated or others) Thanks.
>
> -Richard
>
>