Re: Road Runner and IP Masquerading
Tim,
are you sure that you have your /etc/sysctl.conf set up with the line:
net.inet.ip.forwarding=1
Hope this helps.
-Tor
On Fri, 17 Nov 2000, Tim Martin wrote:
> Hi Folks
>
> I just got Road Runner installed a couple of weeks ago and it worked fine with a single computer hooked up to it.
>
> I then bought a copy of OpenBSD version 2.7 and broke out my 486/100 MHz computer, with 128 megs of RAM and a 6 GB hard drive, and installed (2) NICs: a 3c905 (ep0), which is connected to my cable modem, and a 3c509 (xl0), which is connected to my hub, which has 4 workstations connected to it. The OpenBSD server is very simple.
>
> I then loaded OpenBSD onto the system and installed all the patches for common and i386 for version 2.7. Then I built the kernel for this server, installed the new bsd kernel and moved the old one to a floppy diskette. The server came up fine without any errors.
>
> When the system got done building the kernel and the new kernel was running on the server, I read through the OpenBSD FAQ chapter 6 and set up the server to the correct settings (I thought I did)!!!
>
> Problem:
>
> I can be at the console and ping, telnet, and FTP to any site I need to. I can also ping, telnet, and FTP to my redhat server on the inside. O.K. (Things are looking good) !!!
>
> When I go to my laptop or my redhat server I can ping, telnet, and FTP to the OpenBSD server without problems. (great life is looking better) !!!
>
> But I can ping the nic connected to the cable modem without any problem from the laptop. (BUT I CAN GET ANY INFORMATION TO GO OUT AND COME BACK IN) !!!!
>
> (HELP ... HELP ... HELP ...) the wife is getting mad because she can not surf the web.
>
> Please could someone help me find an answer to my problem...
>
> Information to help with the problem:
>
> (1) /etc/ifconfig -am
>
> <snap>
> lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 32972
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
> inet6 ::1 prefixlen 128
> inet 127.0.0.1 netmask 0xff000000
> lo1: flags=8008<LOOPBACK,MULTICAST> mtu 32972
> xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> media: Ethernet autoselect (10baseT)
> status: active
> inet 192.168.252.10 netmask 0xffffff00 broadcast 192.168.252.255
> inet6 fe80::210:4bff:fe63:9231%xl0 prefixlen 64 scopeid 0x1
> ep0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> media: Ethernet 10baseT
> inet6 fe80::260:8cff:fef1:71e1%ep0 prefixlen 64 scopeid 0x2
> inet 24.88.246.182 netmask 0xfffffe00 broadcast 255.255.255.255
> <snap>
>
> (2) /etc/ipf.rules
>
> # edit the ipfilter= line in /etc/rc.conf to enable IP filtering
> #
> # I edit the rc.conf file and change the above to yes
> #
> # Being of the ipf.rules
> #
> pass in from any to any
> pass out from any to any
> #
> # End of ipf.rules
>
> (3) /etc/ipnat.rules
>
> # edit the ipnat= line in /etc/rc.conf to enable Network Address Translation
> #
> # I edit the rc.conf file and change the above to yes
> #
> # Being of the ipnat.rules
> #
> map xl0 192.168.252.0/24 -> 24.88.246.0/32 portmap tcp/udp 10000:60000
> map xl0 192.168.252.0/24 -> 24.88.246.0/32
> #
> # map xl0 192.168.252.0/24 -> 24.88.246.0/32 proxy port ftp ftp/tcp
> #
> # End of the ipnat.rules
> #
>
> (4) route -n show
>
> Routing tables
>
> Internet:
> Destination Gateway Flags
> default 24.88.246.1 UG
> 24.88.246.0 link#2 U
> 24.88.246.1 0:30:80:76:b8:8c UH
> 24.88.246.182 127.0.0.1 UGH
> 127.0.0.0 127.0.0.1 UG
> 127.0.0.1 127.0.0.1 UH
> 192.168.252.0 link#1 U
> 198.168.252.10 127.0.0.1 UGH
> 224.0.0.0 127.0.0.1 U
>
> Internet6:
> Destination Gateway Flags
> default ::1 UG
> default ::1 UG
> ::1 ::1 UH
> ::127.0.0.0 ::1 UG
> ::224.0.0.0 ::1 UG
> ::255.0.0.0 ::1 UG
> ::ffff:0.0.0.0 ::1 UG
> 2002:: ::1 UG
> 2002:7f00:: ::1 UG
> 2002:e000:: ::1 UG
> 2002:ff00:: ::1 UG
> fe80:: ::1 UG
> fe80::%xl0 link#1 U
> fe80::%ep0 link#2 U
> fe80::%lo0 fe80::1%lo0 U
> fec0:: ::1 UG
> ff01:: ::1 U
> ff02::%xl0 link#1 U
> ff02::%ep0 link#2 U
> ff02::%lo0 fe80::1%lo0 U
>
> The (4) things we hope to have the OpenBSD server do are:
>
> 1 - surf the internet.
> 2 - ftp to and from the internet.
> 3 - telnet to and from the internet.
> 4 - Keep all OTHERS out of my in-house network.
>
> Thanks for your time & assistance.
>
> Tim and Terry Martin
> EMail: tamartin@i-love-cats.com
> Fax (919) 872-2524
>
>
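
An added example, not part of the original thread or of OpenBSD: a small Python check for the sysctl setting suggested in the reply, plus a cross-check that each ipnat `map` rule names the outside interface (the one packets leave through) rather than an interface inside the translated network. The sample inputs are constructed from the output quoted above; the commented-out sysctl.conf line is an assumption, and all function names are hypothetical.

```python
import ipaddress
import re

# Constructed samples: trimmed from the output quoted in the post.
# The sysctl.conf line is an assumed, still commented-out entry.
SYSCTL_CONF = "#net.inet.ip.forwarding=1\t# 1=Permit forwarding (routing) of packets\n"
IFCONFIG = """\
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.252.10 netmask 0xffffff00 broadcast 192.168.252.255
ep0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 24.88.246.182 netmask 0xfffffe00 broadcast 255.255.255.255
"""
IPNAT_RULES = "map xl0 192.168.252.0/24 -> 24.88.246.0/32 portmap tcp/udp 10000:60000\n"


def forwarding_enabled(conf):
    """True only if an uncommented net.inet.ip.forwarding=1 line is present."""
    for line in conf.splitlines():
        setting = line.split("#", 1)[0].replace(" ", "").replace("\t", "")
        if setting == "net.inet.ip.forwarding=1":
            return True
    return False


def interface_addrs(ifconfig_out):
    """Map interface name -> IPv4 address, from ifconfig -a style text."""
    addrs, name = {}, None
    for line in ifconfig_out.splitlines():
        head = re.match(r"^(\w+): flags=", line)
        if head:
            name = head.group(1)
        inet = re.match(r"^\s*inet (\d+\.\d+\.\d+\.\d+) ", line)  # skips inet6
        if inet and name:
            addrs[name] = ipaddress.ip_address(inet.group(1))
    return addrs


def check_nat(rules, addrs):
    """Flag map rules bound to an interface that sits inside the translated network."""
    problems = []
    for line in rules.splitlines():
        m = re.match(r"^map (\w+) (\S+) -> \S+", line)
        if not m:
            continue  # comments, blank lines, non-map rules
        ifname, inside = m.group(1), ipaddress.ip_network(m.group(2))
        if ifname not in addrs:
            problems.append(f"{ifname}: no IPv4 address found")
        elif addrs[ifname] in inside:
            problems.append(f"{ifname}: inside interface, map must name the outside one")
    return problems
```
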