Thanks a lot Kevin - I'm sure I understand everything you had me do (I really
need to bone up on TCPIP addressing!) - but it did the trick.
Don't hate me because I have a cable modem, hate your cable company for not
offering the service yet. It REALLY is great (incredibly fast, stuff that
would take 4-5 hours on 56K take a couple of minutes now!), and compared to
putting in a dedicated phone line for the modem and paying about $15/month for
a dial-up ISP - it works out to be about the same price!
Beat up your cable company and get them going on this, or explore the other
options available to you. I hear the price of DSL and other services is
coming down (but most can't offer as good a deal as cable modem access).
By the way, thanks for the warning on the firewall. My firewall is pretty
basic, it says:
ipchains -P forward DENY
ipchains -A forward -s 192.168.0.0/24 -j MASQ
So I'm only allowing access to the 192.168.0.x users, right? I see a log in
/var/log called secure and a lot of stuff like:
Mar 17 18:10:14 VBOX in.telnetd[2400]: connect from 216.165.190.47
Does that mean that somebody actually telneted into my system (VBOX) and
established a session? Where are security violations and/or remote accesses
logged in Linux?
-Thanks again for your help.
-Mike
>>>I have a strange problem. I have a cable modem with IP address 24.128.20.34
>>>and I'm setting the netmask to 255.255.255.255 (I think it is supposed to be
>>>255.255.252.0 - but perhaphs you can tell me).
>Netmask 255.255.252.0 would be the equivalent of 4 class Cs -- you're
>sharing address space with addresses from 24.128.20.0 through 24.128.23.255.
>That is probably the case.
>(Make sure you've got a good firewall setup in your masq rules; you're
>opening your kimono to a thousand or so of your neighbors.)
>>>In /etc/sysconfig/network-scripts ifup is attempting to execute:
>>>'route add default gw 24.128.20.34 eth0'
>The MODEM's address is 24.128.20.34. Your PC's address has to be something
>else. (Or did the cable co. tell you to make your PC .34 and the modem's
>address is something else, like .33 or .35?)
>>>and receives message:
>>>'route: netmask doesn't match route address'
>A netmask of 255.255.255.255 means that you are addressing only a single
>device. It may be working as you claim, but dipped if I can see how!
>Your other boxes are, I hope, using a valid local-only address such as
>192.168.0.x and you're masquerading them out to the 24.128 network...?
>>>As info, the following values exist in ifup at this time (I traced them):
>>>Network: 24.128.20.34
>Should probably be 24.128.20.0
>>>IPAdr: 24.128.20.34
>>>Netmask: 255.255.255.255
>But your cable co. told you 255.255.252.0, didn't they?
>>>Broadcast: 24.128.20.34
>Probably should be 24.128.23.255.
>A netmask defines a range of addresses. By convention the lowest number in
>the range is the "network" address, and the highest is the "broadcast"
>address. You can talk to any machine within that range by default, without
>adding a special route; but to get outside of the local network, you have to
>have a gateway address, which in this case should be your cable modem's
>address: route add default gw 24.128.20.34 1
>(The trailing 1 means "cost metric 1")
>Your other boxes, the ones for which you're masquerading, should be on a
>different, non-routing address block, such as 192.168.0.x, and your
>masquerade will route packets between the 24. block and the 192.168 block.
>That's what the masquerade is _for_. To your other boxes, the Linux box is
>the gateway (and I'd put its internal interface at 192.168.0.1); but to your
>Linux box, the cable modem is the gateway (and it has to be at
>24.128.20.34 because that's where the cable co. put it).
>So:
>ifconfig eth0 192.168.0.1 netmask 255.255.255.0
>route add default gw 24.128.20.34 1
>Hope that helps. I hate you, by the way, 'cause I won't have cablenet for
>at least two years, if ever. :-(
by