----------
> From: Richard Stearn <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Dynamic addr for a axip or ipip tunnel?
> Date: Thursday, June 10, 1999 7:51 PM
>
> >
> > I am sure that I am not the only guy who dials into an ISP and receives
> > an dynamic IP address for the outside interface with ipfwadm and
running
> > Amateur tcpip applications. Aside from hand editing source and
> > destination address's each time the system kicks off, is there a better
> > mouse trap? I tried the tunnel-munge script but could not get it to
> > work.
> >
> > The system here runs diald (dial on demand) which auto creates the ppp0
> > circuit and default gw. I would like to link the internal nos network
> > to other gateways via axip or even ipip using the ISP dynamic address
> > (which changes with each login).
> >
> > Is there anyone doing this? Thank you in advance.
>
> John
> Not quite sure of the question but I think the answer is IP Masquerade.
>
> Give your system an IP number from the private IP address ranges (RFC
1918?).
>
> Define your firewall defaults to deny everything on all external
interfaces.
>
> Create scripts that setup/clear firewall configurations for the IP
address
> passed to them. These scripts enable/disable the packet filters for IP
> services that you wish to use and set/unset the Masquerade address for
that
> interface.
>
> For ppp call the firewall setup/clear script from ip-up/ip-down with the
IP
> address passed in by pppd.
>
> For other interfaces call the firewall script with the IP address you are
> using on that interface.
>
> I use two different firewall configurations, one for IP over AX25 and one
> for ppp.
>
> --
> Regards
> Richard
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Amateur radio callsign: G1SOG Home BBS: G1SOG@GB7SDN.#49.GBR.EU
> My opinions are mine, all mine. None to spare for unopinionated masses.
> This message comes from a WinTel free zone. CPU = Cyrix, OS = Linux.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hi Richard,
That you point out it is the way,
Ok here I go with some of the things that I understood of John
for which I said that we were already two people with the same problem
Point number one what Bob explains on the ENCAP/ROUTES
about someone that he wants to make the hosted with a dynamic ip
using the MFNOS/JNOS or the TNOS, I am using that feature
for near 2 or 3 years and I still have at the present time the connection,
I am a Dynamic IP/ROUTES user
and I am being hosted for a friend before being running to linux
I had two JNOS working, one working as gateway and the other one to make
those
connections in AXIP connection with the world.
I wanted to use my internal net with linux, using the regular connection
IP/Private
with a firewall and to use the connection with the normal AMPRNET.
The case is that I installed the IPMASQUERADE to use the privates IP with
the IP/Forward
and the AMPRNET to go it by the munge-script, and this way,
I to be able to use the IP 192.168.0.x in ipfw and the 44-subnet normal.
The case is that the ipip_routes is not compatible with the masquerade
everybody can connect me in my 44-subnet normal without any problem
but when I connect somebody of the amprnet
e.g. a (JNOS) I write the cmd ' M' I don't see my 44-ip in their Jnos
I only see my ip-ppp0 in their Jnos, in another word I have the connection
in half-duplex hi.
I want to maintain using the masquerade because
I have 4 PCs connected in a local network at home.
btw Bob if you have the idea now.
73's Jose (hi8gn)
