-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Brian ,
On Fri, 28 Jul 2000, Brian Klug wrote:
> Jason, that worked pretty well.
> I can access that interface from all 4 ip's now. Looks like I'm half
> done.
> I tried the next step myself. I'm actually using the older IPFWADM
> program for my masquerading.
This is cool .
Ipfwadm ? Under which kernel version ?
I am not sure if it works properly under 2.2 or greater ,
though there are far wiser heads than I on that score .
> I just did:
> # ipfwadm -F -i accept -S 64.50.146.19 -D 192.168.1.2
> # ipfwadm -F -i accept -S 64.50.146.20 -D 192.168.1.3
> # ipfwadm -F -i accept -S 64.50.146.21 -D 192.168.1.4
> # ipfwadm -F -l -n
> IP firewall forward rules, default policy: deny
> type prot source destination ports
> acc all 64.50.146.19 192.168.1.2 n/a
> acc all 64.50.146.20 192.168.1.3 n/a
> acc all 64.50.146.21 192.168.1.4 n/a
> acc/m all 192.168.1.0/24 0.0.0.0/0 n/a
> #
> It looks like it work magically -- that is it looks like anything coming
> in from 64.50.146.19 would be sent to 192.168.1.2, etc.
>
> But when I telnet to 64.50.146.19 I get the login MOTD for the
> 64.50.146.18 box. So close :)
That sounds -very- familiar . But, do keep at it if this can
do the trick it will have a great deal of application to another
area I am working in . Tnx , JimL
> Brian
> PS: After I wrote this mail, I'm now unable to access the box at all.
> The telnet MOTD is displaying really slow, well no, now the box is
> refusing all connections. I assume the CPU is busy routing IP traffic
> to itself or something equally uninteresting.
Drats .
> No big deal, I'll just see what I did to the box when I get home.
> Actually, I think I know what I did wrong. I had the wrong concept of
> how ipfwadm instructs the kernel to forward packets. I must have had it
> backwards, or approaching it the wrong way.
Nah , 'should not' be the case . Old story , "If it worked once
then should work always . Only way behaviour 'should' change
is if something was changed ." Tis cool though , Please keep
us informed . Twyl, JimL
+----------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network Engineer | 25416 22nd So | Give me Linux |
| [EMAIL PROTECTED] | DesMoines WA 98198 | only on AXP |
+----------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i
iQA/AwUBOYHpA9bsrYDRJjJBEQLt9ACeM3iffodYRQQZdR/CROMvfmi+rQYAnimt
G1CfZeysGq02vjiM5Pwn4PDS
=bEau
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
