IP Masquerading Problems

thomas.lawenius@lkp.frontec.se (hayward@slothmud.org)
Thu, 6 Aug 1998 08:29:42 -0500 (CDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: browstev@cgowave-8-102.cgocable.net: "Samba problem.. Dir/file not found or doesn't exist"
Previous message: thomas.lawenius@lkp.frontec.se: "HostNameServer"

Hello Everyone,

I'm trying to setup masquerading between a class B network 172.16.0.0, and
the internet on a class C address.

I manually set up all IN and OUT rules for each interface, following the
IP-Masquearding HOWTO. I also setup each rule with "-o" for debugging
purposes.

After setting it all up, I am only seeing the loging for fw-in on the
internal network. There is no message indicating a packet being
masqueraded , or going OUT on the external interface.

First question: Will ipfwadm -F -a m return error if masq isn't working
and configured in the kernel?

ipfwadm -M -l shows no masquerading entries.

ipfwadm -F -l
type prot source dest ports
acc/m all 172.16.0.0/16 anywhere n/a
deny all anywhere anywhere n/a

Any help is greatly appreciated...

here is the script I use to setup ip masquerading:

# input ipfwadm rules
ipfwadm -I -f
ipfwadm -I -p deny
ipfwadm -I -a accept -V 172.16.13.17 -S 172.16.0.0/16 -D 0.0.0.0/0 -o
ipfwadm -I -a deny -V Internet_IP -S 172.16.0.0/16 -D 0.0.0.0/0 -o
ipfwadm -I -a accept -V Internet_IP -S 0.0.0.0/0 -D Internet_IP/32 -o
ipfwadm -I -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0 -o
ipfwadm -I -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o
#output ipfwadm rules
ipfwadm -O -f
ipfwadm -O -p deny
ipfwadm -O -a accept -V 172.16.13.17 -S 0.0.0.0/0 -D 172.16.0.0/32 -o
ipfwadm -O -a deny -V Internet_IP -S 0.0.0.0/0 -D 172.16.0.0/32 -o
ipfwadm -O -a deny -V Internet_IP -S 172.16.0.0/16 -D 0.0.0.0/0 -o
ipfwadm -O -a deny -V Internet_IP -S 0.0.0.0/0 -D 172.16.0.0/16 -o
ipfwadm -O -a accept -V Internet_IP -S Internet_IP/32 -D 0.0.0.0/0 -o
ipfwadm -O -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0 -o
ipfwadm -O -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o
# routing (masq) rules
ipfwadm -F -f
ipfwadm -F -p deny
ipfwadm -F -a masquerade -V Internet_IP -S 172.16.0.0/16 -D 0.0.0.0/0 -o
ipfwadm -F -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o

--- Brian Hayward hayward@slothmud.org http://www.slothmud.org/~hayward/mic_humor.html -- Microsoft Humor (Last Updated: Aug 4, 1998) A computer without Windows is like a fish without a bicycle.

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu

Next message: browstev@cgowave-8-102.cgocable.net: "Samba problem.. Dir/file not found or doesn't exist"
Previous message: thomas.lawenius@lkp.frontec.se: "HostNameServer"