Hi everyone; Thanks to everyone's help I'm down to (hopefully) one last nitty-gritty issue in getting masq setup for our site. In general - Linux box with 2 interfaces, both physically connected to the same network. Eth0 os registered IP and eth1 is masq'd ip. Kernel is 2.0.33 with firewall, gateway, and masq turned on. IPAUTOFW Is currently turnrd off. My forwarding rules - ipfwadm -F -b -a a -S <eth0> -D <eth1> -W eth0 ipfwadm -F -b -a a -S <eth1> -D <eth0> -W eth1 ipfwadm -F -b -a m -S <eth1> -W eth1 ipfwadm -F -b -a m -S <eth0> -W eth0 I have also tried making the first two rules instead of all protocols to specifick look at ports 137:139 for tcp, udp, and icmp. Tcp dump told me one of the responses from my PDC on the registered IP was an icmp packet. What I'm seeing is the masq'd node properly go through the masq server. But, when it want's to talk to the BDC the packet is going to a port in the 61xx range. I know this is part of the basics of masq. Unfortunatly, Microslop won't listen for netbios stuff except on ports 137:139. So, my PDC is responding with a "domain unreachable". At least I think that's whats going wrong. The question becomes how to get the netbios ports direct to/from the PDC and the masq'ed node. I have downloaded the redir and udpredr files but must admit I can not figure out how to try them. or, if this is the right way to go. One interesting behavior though. Since I have the kernel compiled for masq I can not ping through the machine until I actually turn on masq with the ipfwadm rule. Setting a rule to allow both networks unlimited communication dosen't pass data through. What this ultimatly breaks is a node being able to log in to an NT domain from a masqureaded node. I think I'm real close, but, this piece finally has me stumped. I've tinkered with Samba but, I'm not sure it will help here. Is it time to give up, or can I make this work? Thanks in advance. Jeff Adams [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For daily digest info, email [EMAIL PROTECTED]
