> I've got a Dachstein (1.02, I think) router in its default configuration > (except for enabling ipSec VPN masquerading). I would like to access the > cable modem's http status page, which is hard wired at address > 192.168.100.1. What do I need to modify to make this possible from within > my private 192.168.1.x network? I'm guessing that I need to 1) add a > route using the ip command and 2) add an ipchains rule that will allow > access. Unfortunately, I'm not literate enough with either to conjure up > the syntax myself. > > The cable modem is on eth0, which gets its ip address via the Dachstein > dhcp client. My private network is on eth1, with the default Dachstein > address of 192.168.1.254.
Adding the network configuration is easy...simply add an alias to your external interface: eth0_IP_EXTRA_ADDRS="192.168.100.2/24" To allow access to the 192.161.x.x private IP range on the external side of your firewall, you need to modify the firewall setup scripts, or all packets to the IP of your cable modem will be dropped. Do this by commenting the following line in the stopMartians procedure of /etc/ipfilter.conf : $IPCH -A $LIST -j DENY -p all -s 192.168.0.0/16 -d 0/0 -l $* NOTE: This will *NOT* allow any arbitrary packets from the 192.168 private IP space through your firewall. It simply moves the 192.168.x.x IP space into the group of "generic internet IP's", rather than denying all packets to/from this IP range. The packets still have to go through the firewall rules, just like any other random IP from the internet at large... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
