IP MASQ Setup

James Applebaum yellowdog-general@lists.terrasoftsolutions.com
Thu Jan 2 07:11:01 2003


Trying to set up my Linux server to be the dial-out gateway for my home network.
I have the server set up and it successfully dials out with: ifup ppp0 (see below)
Can't seem to get IP Masq to work... I have included # ifconfig, rc.local, dhcpd.conf, # dmesg|less
Any help would be appreciated.
________________________________________________
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:63:00:3F
           inet addr:192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
           EtherTalk Phase 2 addr:65280/35
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:617 errors:1 dropped:0 overruns:0 frame:0
           TX packets:1038 errors:4 dropped:0 overruns:1 carrier:3
           collisions:0
           RX bytes:59550 (58.1 Kb)  TX bytes:80953 (79.0 Kb)

lo        Link encap:Local Loopback
           inet addr:127.0.0.1  Mask:255.255.255.0
           EtherTalk Phase 2 addr:0/0
           UP LOOPBACK RUNNING  MTU:16436  Metric:1
           RX packets:237 errors:0 dropped:0 overruns:0 frame:0
           TX packets:237 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0
           RX bytes:20622 (20.1 Kb)  TX bytes:20622 (20.1 Kb)

ppp0      Link encap:Point-to-Point Protocol
           inet addr:209.71.20.153  P-t-P:162.33.224.2  Mask:255.255.255.255
           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
           RX packets:9 errors:0 dropped:0 overruns:0 frame:0
           TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0
           RX bytes:549 (549.0 b)  TX bytes:3474 (3.3 Kb)
__________________________________________________
File: /etc/rc.d/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
echo "1" > proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.1.100/24 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.101/24 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.102/24 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.103/24 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.104/24 -j MASQ
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_quake
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_user

_______________________________________________________
File: /etc/dhcpd.conf
#
# Set Global Options
#
option domain-name "applebaum.com";
# option domain-name-servers 192.168.1.5;
option domain-name-servers 207.103.0.2;  # my dialups DNS
option domain-name-servers 207.103.11.9; # my dialups DNS
#
# Setup subnet
#
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.150;
default-lease-time 604800;
max-lease-time 604800;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.5;
}

_______________________________________________________
# dmesg|less
Memory BAT mapping: BAT2=128Mb, BAT3=64Mb, residual: 0Mb
Total memory = 192MB; using 1024kB for hash table (at c0400000)
Linux version 2.4.19-4a (root@server.applebaum.com) (gcc version 2.95.4 20010319 (prerelease/franzo/20011204)) #24 Mon Nov 25 22:27:27 UTC 2002
Found a Grand Central mac-io controller, rev: 2, mapped at 0xfddd3000
PowerMac motherboard: PowerMac 9500/9600
Cache coherency enabled for bandit/PSX
Found Bandit PCI host bridge at 0xf2000000. Firmware bus number: 0->0
hose bandit, pci_mem_offset: 00000000, start0: f3000000
   io_base_virt: fd5cd000, io_base_phys: f2000000, isa_mem_base: 00000000
Cache coherency enabled for bandit/PSX
Found Bandit PCI host bridge at 0xf4000000. Firmware bus number: 1->1
hose bandit, pci_mem_offset: 00000000, start0: f5000000
   io_base_virt: fcdcb000, io_base_phys: f4000000, isa_mem_base: 00000000
On node 0 totalpages: 49152
zone(0): 49152 pages.
zone(1): 0 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/sda9
System has 32 possible interrupts
via_calibrate_decr: ticks per jiffy = 116541 (699246 ticks)
Console: colour dummy device 80x25
Calibrating delay loop... 465.30 BogoMIPS
Memory: 189488k available (1580k kernel code, 1876k data, 284k init, 0k highmem)
Dentry cache hash table entries: 32768 (order: 6, 262144 bytes)
Inode cache hash table entries: 16384 (order: 5, 131072 bytes)
Mount-cache hash table entries: 4096 (order: 3, 32768 bytes)
Buffer-cache hash table entries: 16384 (order: 4, 65536 bytes)
Page-cache hash table entries: 65536 (order: 6, 262144 bytes)
POSIX conformance testing by UNIFIX
PCI: Probing PCI hardware
Scanning bus 00
Found 00:58 [106b/0001] 000600 00
Found 00:68 [1191/0007] 000100 00
Found 00:70 [1077/1020] 000100 00
Found 00:78 [11ad/0002] 000200 00
Found 00:80 [106b/0002] 00ff00 00
Fixups for bus 00
Bus scan for 00 returning with max=00
Scanning bus 01
Found 01:58 [106b/0001] 000600 00
Found 01:68 [10e0/9128] 000380 00
Fixups for bus 01
Bus scan for 01 returning with max=01
PCI:00:0d.0: Resource 0: 00000840-00000847 (f=101)
PCI:00:0d.0: Resource 1: 00000830-00000833 (f=101)
PCI:00:0d.0: Resource 2: 00000820-00000827 (f=101)
PCI:00:0d.0: Resource 3: 00000810-00000813 (f=101)
PCI:00:0d.0: Resource 4: 00000800-0000080f (f=101)
PCI:00:0e.0: Resource 1: 80810000-80810fff (f=200)
PCI:00:10.0: Resource 0: f3000000-f301ffff (f=200)
PCI:01:0d.0: Resource 0: 92000000-92ffffff (f=1208)
PCI:00:0f.0: Resource 0: 00000400-000004ff (f=101)
PCI:00:0f.0: Resource 1: 80800000-808000ff (f=200)
PCI: Enabling device 00:0e.0 (0016 -> 0017)
Macintosh CUDA driver v0.5 for Unified ADB.
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
VFS: Diskquotas version dquot_6.4.0 initialized
Journalled Block Device driver loaded
MacOS display is /bandit/IMS,tt128mbA
Using unsupported 640x480 IMS,tt128mbA at 92000020, depth=32, pitch=2560
Console: switching to colour frame buffer device 80x30
fb0: Open Firmware frame buffer device on /bandit/IMS,tt128mbA
input0: Macintosh mouse button emulation
Uniform Multi-Platform E-IDE driver Revision: 6.31
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
AEC6260R: IDE controller on PCI bus 00 dev 68
AEC6260R: chipset revision 1
AEC6260R: not 100% native mode: will probe irqs later
AEC6260R: ROM enabled at 0x80820000
     ide2: BM-DMA at 0x0800-0x0807, BIOS settings: hde:pio, hdf:pio
     ide3: BM-DMA at 0x0808-0x080f, BIOS settings: hdg:pio, hdh:pio
disabling irq 23 defensively
hde: WDC WD600BB-00CFC0, ATA DISK drive
disabling irq 23 defensively
disabling irq 23 defensively
ide2 at 0x840-0x847,0x832 on irq 23
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
hde: 117231408 sectors (60022 MB) w/2048KiB Cache, CHS=116301/16/63, UDMA(66)
ide-floppy driver 0.99.newide
Partition check:
  hde: unknown partition table
Linux Tulip driver version 0.9.15-pre11 (May 11, 2002)
PCI: Enabling device 00:0f.0 (0004 -> 0007)
tulip0:  MII transceiver #1 config 3000 status 7829 advertising 01e1.
eth0: Lite-On 82c168 PNIC rev 32 at 0x400, 00:A0:CC:63:00:3F, IRQ 25.
eth1: MACE at 00:05:02:b6:28:29, chip revision 25.64
ide-floppy driver 0.99.newide
SCSI subsystem driver Revision: 1.00
scsi0 : SCSI host adapter emulation for IDE ATAPI devices
mesh: configured for synchronous 5 MB/s
mesh: performing initial bus reset...
scsi1 : MESH
mesh: target 3 synchronous at 5.0 MB/s
   Vendor: MATSHITA  Model: CD-ROM CR-8005    Rev: 1.0m
   Type:   CD-ROM                             ANSI SCSI revision: 02
scsi2 : 53C94
   Vendor: QUANTUM   Model: FIREBALL ST4.3S   Rev: 0F0C
   Type:   Direct-Access                      ANSI SCSI revision: 02
   Vendor: WangDAT   Model: Model 3400DX      Rev: 192B
   Type:   Sequential-Access                  ANSI SCSI revision: 02
st: Version 20020205, bufsize 32768, wrt 30720, max init. bufs 4, s/g segs 16
Attached scsi tape st0 at scsi2, channel 0, id 4, lun 0
Attached scsi disk sda at scsi2, channel 0, id 1, lun 0
SCSI device sda: 8471232 512-byte hdwr sectors (4337 MB)
  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7 sda8 sda9 sda10
Attached scsi CD-ROM sr0 at scsi1, channel 0, id 3, lun 0
sr0: scsi-1 drive
Uniform CD-ROM driver Revision: 3.12
PowerMac Z8530 serial driver version 2.0
ttyS0 at 0xcd14c020 (irq = 15) is a Z8530 ESCC, port = modem
ttyS1 at 0xcd153000 (irq = 16) is a Z8530 ESCC, port = printer
mice: PS/2 mouse device common for all mice
md: linear personality registered as nr 1
md: raid0 personality registered as nr 2
md: raid1 personality registered as nr 3
md: raid5 personality registered as nr 4
raid5: measuring checksumming speed
    8regs     :   273.200 MB/sec
    32regs    :   236.400 MB/sec
raid5: using function: 8regs (273.200 MB/sec)
md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
adb: starting probe task...
md: Autodetecting RAID arrays.
md: autorun ...
md: ... autorun DONE.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP
IP: routing cache hash table of 2048 buckets, 16Kbytes
TCP: Hash tables configured (established 16384 bind 16384)
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
NET4: AppleTalk 0.18a for Linux NET4.0
kjournald starting.  Commit interval 5 seconds
EXT3-fs: mounted filesystem with ordered data mode.
VFS: Mounted root (ext3 filesystem) readonly.
Freeing unused kernel memory: 284k init 8k chrp 36k prep
adb devices: [2]: 2 2 [3]: 3 1
ADB keyboard at 2, handler set to 3
Detected ADB keyboard, type ANSI.
input1: ADB HID on ID 2:2.02
ADB mouse at 3, handler set to 2
input2: ADB HID on ID 3:3.01
adb: finished probe task...
Adding Swap: 255992k swap-space (priority -1)
EXT3 FS 2.4-0.9.17, 10 Jan 2002 on sd(8,9), internal journal
kjournald starting.  Commit interval 5 seconds
EXT3 FS 2.4-0.9.17, 10 Jan 2002 on ide2(33,0), internal journal
EXT3-fs: mounted filesystem with ordered data mode.
eth0: Setting full-duplex based on MII#1 link partner capability of 45e1.
Serial driver version 5.05c (2001-07-08) with MANY_PORTS SHARE_IRQ SERIAL_PCI enabled
IN from bad port 3f9 at cd180080
IN from bad port 3f9 at cd180080
IN from bad port 3f9 at cd180080
IN from bad port 2f9 at cd180080
IN from bad port 2f9 at cd180080
IN from bad port 2f9 at cd180080
IN from bad port 3e9 at cd180080
IN from bad port 3e9 at cd180080
IN from bad port 3e9 at cd180080
IN from bad port 2e9 at cd180080
IN from bad port 2e9 at cd180080
IN from bad port 2e9 at cd180080
CSLIP: code copyright 1989 Regents of the University of California
PPP generic driver version 2.4.2
PPP Deflate Compression module registered

James Applebaum