I needed to set up a gateway, so that we could share the 1 ip address from Warner. The first task was to get the OpenBSD gateway to work with the cable modem on its own. The first thing I did was run dhclient. This gave me a valid ip address, netmask, gateway, etc. If you wanted to try to keep an ip address, you could now enter the information you received from dhcp into /etc/hostname.*, /etc/mygate, etc. Otherwise, you can just put the line:
dhcp NONE NONE NONE
in /etc/hostname.* where * is the device name of your nic.
You are going to need to install rrlogind, which you can get from http://www.vortech.net/rrlinux/. You will first need to run the rrconf utility, and then rrlogind. I modified /etc/rc.local to run rrlogind:
if [ -x /usr/local/bin/rrlogind ]; then
    echo -n ' rrlogind'; /usr/local/bin/rrlogind
fi
Note: this method only works in rrlogind v2.0 and above. In earlier versions, you have to specify all of the configuration information on the command line.
You are also going to want to enter a local ip alias into /etc/ifaliases, for example:
xl0 192.168.254.254 255.255.255.0
Okay, so now we can access the internet from the gateway, and can access the gateway from the intranet? Great! Now it's time to set up ipf and ipnat. First of all, remember that /usr/share/ipf is full of good examples, but what we are trying to do is pretty simple.
First you want to set ipfilter=YES and ipnat=YES in /etc/rc.conf. You will also want to uncomment the line "#net.inet.ip.forwarding=1" in /etc/sysctl.conf.
The default /etc/ipf.rules should work fine for you, but in case you lost it:
pass in from any to any
pass out from any to any
Now you'll need to edit /etc/ipnat.rules. Here are my rules:
# map internal addresses to external address on xl0
map xl0 192.168.254.0/24 -> xl0/32 portmap tcp 1025:60000
map xl0 192.168.254.0/24 -> xl0/32
# redirect connections from internal machines, to appropriate internal machine
# ftp
rdr xl0 192.168.254.0/24 port 21 -> 192.168.254.0 port 21
# ssh
rdr xl0 192.168.254.0/24 port 22 -> 192.168.254.0 port 22
# telnet
rdr xl0 192.168.254.0/24 port 23 -> 192.168.254.0 port 23
# smtp
rdr xl0 192.168.254.0/24 port 25 -> 192.168.254.0 port 25
To configure the client machines, just specify the gateway's local ip (what you put in /etc/ifaliases) as the gateway in the TCP/IP configuration.
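One way to confirm that every file edit from the steps above is in place before rebooting the gateway, as an added example that is not part of the original write-up. The function names check_gateway and make_sample are hypothetical, the sample files are constructed, and xl0 is the nic used in the rules above.

```shell
#!/bin/sh
# check_gateway ROOT NIC
# Prints one line per step that is not in place under ROOT/etc and
# returns the number of missing steps (0 = everything found).
check_gateway() {
    root=$1 nic=$2 missing=0
    need() {  # need FILE REGEX DESCRIPTION
        if ! grep -Eq "$2" "$root/$1" 2>/dev/null; then
            echo "MISSING: $3 ($1)"
            missing=$((missing + 1))
        fi
    }
    need "etc/hostname.$nic" '^dhcp[[:space:]]+NONE[[:space:]]+NONE[[:space:]]+NONE' 'dhcp line'
    need etc/rc.local '^[^#]*rrlogind' 'rrlogind startup'
    need etc/ifaliases "^$nic[[:space:]]+[0-9.]+[[:space:]]+[0-9.]+" 'local ip alias'
    need etc/rc.conf '^ipfilter=YES' 'ipfilter=YES'
    need etc/rc.conf '^ipnat=YES' 'ipnat=YES'
    need etc/sysctl.conf '^net\.inet\.ip\.forwarding=1' 'uncommented forwarding line'
    need etc/ipnat.rules "^map[[:space:]]+$nic[[:space:]]" 'map rule'
    return "$missing"
}

# Constructed sample tree using the page's settings, with the
# forwarding line deliberately left commented out.
make_sample() {
    mkdir -p "$1/etc"
    echo 'dhcp NONE NONE NONE' > "$1/etc/hostname.xl0"
    echo '/usr/local/bin/rrlogind' > "$1/etc/rc.local"
    echo 'xl0 192.168.254.254 255.255.255.0' > "$1/etc/ifaliases"
    printf 'ipfilter=YES\nipnat=YES\n' > "$1/etc/rc.conf"
    echo '#net.inet.ip.forwarding=1' > "$1/etc/sysctl.conf"
    echo 'map xl0 192.168.254.0/24 -> xl0/32' > "$1/etc/ipnat.rules"
}

demo=$(mktemp -d)
make_sample "$demo"
check_gateway "$demo" xl0 || echo "$? step(s) missing"
rm -rf "$demo"
```

On the gateway itself, pass an empty string as ROOT so the paths resolve to /etc, for example: check_gateway "" xl0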