Very Computer

by **Henrik Uhrenfeld** » Sat, 11 Oct 1997 04:00:00

I have configured and recompiled my system for firewalling, IP masquerade
(and more) and obtained the ipfwadm command, and following af howto-file,
I have setup a masquerading. Now my problem is that NOTHING is happening
from the "local" net - not even DNS works.

My config is as follows:

eth0: connected to the internet via a intranet/proxy system. This is the
network that should be accesible via ip masq.
IP: 10.0.171.91, MASK: 255.0.0.0

eth1: the LAN that should have access to the other net.
IP: 172.16.0.1, MASK: 255.255.255.0

I have tried issuing the ipfwadm command, but appareantly it doesn't work.
How SHOULD it be issued?

Thanks!

Msg. from

------------------------------------------

* Department of Communication Technology *
* D3-group 321, room A4-217, Fr.B 7A *
* www.geocities.com/Yosemite/Rapids/1025 *
------------------------------------------

by **Richard Emerso** » Sun, 12 Oct 1997 04:00:00

> I have configured and recompiled my system for firewalling, IP masquerade
> (and more) and obtained the ipfwadm command, and following af howto-file,
> I have setup a masquerading. Now my problem is that NOTHING is happening
> from the "local" net - not even DNS works.

> My config is as follows:

> eth0: connected to the internet via a intranet/proxy system. This is the
> network that should be accesible via ip masq.
> IP: 10.0.171.91, MASK: 255.0.0.0

> eth1: the LAN that should have access to the other net.
> IP: 172.16.0.1, MASK: 255.255.255.0

> I have tried issuing the ipfwadm command, but appareantly it doesn't work.
> How SHOULD it be issued?

> Thanks!

> Msg. from

> ------------------------------------------

> * Department of Communication Technology *
> * D3-group 321, room A4-217, Fr.B 7A *
> * www.geocities.com/Yosemite/Rapids/1025 *
> ------------------------------------------

Hi,
This is a general config.

ipfwadm-F -a m -S 172.16.0.2/32 -D 0.0.0.0/0 (note ip address is
address of workstation you want to allow through. for each additional
address run it again with their ip.

Also make sure clients have Linux box as their gateway. Use your isp's
nameservers, unless you have your own.

Hope this helps
Richard
--
* Richard Emerson
* Emerson Network Consulting
* Thermopolis, WY

* http://w3.trib.com/~riche/

by **Henrik Uhrenfeld** » Sun, 12 Oct 1997 04:00:00

<SNIP>
> > My config is as follows:

> > eth0: connected to the internet via a intranet/proxy system. This is the
> > network that should be accesible via ip masq.
> > IP: 10.0.171.91, MASK: 255.0.0.0

> > eth1: the LAN that should have access to the other net.
> > IP: 172.16.0.1, MASK: 255.255.255.0

> Hi,
> This is a general config.

> ipfwadm-F -a m -S 172.16.0.2/32 -D 0.0.0.0/0 (note ip address is
> address of workstation you want to allow through. for each additional
> address run it again with their ip.

> Also make sure clients have Linux box as their gateway. Use your isp's
> nameservers, unless you have your own.

Thanks a lot... Anyway I've got it running now - so naturally I'm
interested in making programs "go through" it. WEB traffic and FTP through
Netscape seems fine - so does telnet.

Then I start a primitive standalone ftp-client, I log in to the local
sunsite (placed outside the masquerade) and recieve a welcome message. Now
when I try to do a listing, the client hangs (or waits REALLY long). Why
is that, and can I reconfigure the Linux box to support such connections?

------------------------------------------

* Department of Communication Technology *
* D3-group 321, room A4-217, Fr.B 7A *
* www.geocities.com/Yosemite/Rapids/1025 *
------------------------------------------

Very Computer

IP Masquerade - HELP!!!

IP Masquerade - HELP!!!

IP Masquerade - HELP!!!

IP Masquerade - HELP!!!