Lee Bradshaw wrote: > Hi, > > How am I supposed to use the ipmasq package with ppp? Is it possible? > I tried using 0.0.0.0 as the external ip address, but I received a > few error messages when booting and I couldn't telnet to the machine > anymore. I couldn't find any documentation in /usr/doc/ipmasq and the > man pages just said that there were no useful man pages. After removing > ipmasq and rebooting telnet to the machine worked fine again. > > I executed the following commands to get masquerading to work manually: > > ipfwadm -F -p deny > ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 > > After changing the default route on another system I was able to bring > up web pages through the masquerading system. > > Does anyone have any suggestions on how to use the ipmasq package with ppp and > dynamic addresses (I assume it works ok with static addresses)? How about > suggestions on where to put ipfwadm filtering commands in the initialization > directories? > > -- > Lee Bradshaw [EMAIL PROTECTED] (preferred) > Alantro Communications [EMAIL PROTECTED] > > I put the 'ipfwadm' commands in a file called localrc and used the update-rc.d command to put it as S91 in the startup sequence. (see /etc/init.d/README for more information)
As far as dynamic ip addressing. I use the option -W ppp0 to indicate the dynamic port. eg: ipfwadm -I -a deny -S 192.168.0.0/16 -W ppp0 -o Will prevent anything from coming over the dialup line pretending to be one of the private ip numbers, with logging (-o). Doesn't matter what ip number I received from my ISP. John.
