netbsd-help: IP Masquerading with IPNAP

Subject: IP Masquerading with IPNAP
To: None <netbsd-help@netbsd.org>
From: Peter Mancuso <unishell@hotmail.com>
List: netbsd-help
Date: 08/28/2001 22:07:09
Hi,

I am trying to set up IP Masquerading on a NetBSD box with IPNAT and cant 
seem to get it to work!!

Here are my settings. Two NICs, one wired to the net through cable 
modem(rtk0) and a the second NIC configured for my local network along with 
my client PCs

here are my relavent configuration files

/etc/rc.conf
ipfilter=YES
ipnat=YES
host="cr281793-b.wlfdle1.on.wave.home.com"
auto_ifconfig=NO
net_interfaces="rtk0 ne2"
ifconfig_rtk0="inet 24.42.160.18 netmask 255.255.255.128"
ifconfig_ne2="inet 192.168.1.1 netmask 255.255.255.0"
defaultroute="24.42.160.1"  # Cable Connection Gateway

/etc/ipnat.conf
map rtk0 192.168.1.1/24 -> 0/32 proxy port ftp ftp/tcp
map rtk0 192.168.1.1/24 -> 0/32 portmap tcp/udp 40000:60000
map rtk0 192.168.1.1/24 -> 0/32

/etc/ipf.conf
pass in from any to any
pass out from any to any

/etc/rc.local
sysctl -w net.inet.ip.forwarding=1


The NICs seemed configured correctly I can ping clients on the local network 
and can access the internet from rtk0.....

#ifconfig rtk0
rtk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:40:f4:19:69:02
        media: Ethernet autoselect (none)
        status: active
        inet 24.42.160.18 netmask 0xffffff80 broadcast 24.42.160.127
        inet6 fe80::240:f4ff:fe19:6902%rtk0 prefixlen 64 scopeid 0x1


#ifconfig ne2
ne2: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:60:67:3d:25:a8
        media: Ethernet autoselect (10baseT)
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::260:67ff:fe3d:25a8%ne2 prefixlen 64 scopeid 0x2

#sysctl net.inet.ip.forwarding
net.inet.ip.forwarding = 1

my client machines (win 2000 server + linux) are configured 192.168.1.2/3 
with a default gateway of 192.168.1.1(BSD box) (do I have to specify DNS 
servers for my clients)

.....anyways all this jargon and still now show!!!!!!....

...I dont know if this is all I need?....any help would be greatly 
appreciated!!

it seemed alot easier on Linux with ipchains :)

thanks in advance!

peace
pete
out
#!

Ps if it helps

#route show
Routing tables

Internet:
Destination      Gateway            Flags
default          24.42.160.1        UG
24.42.160.0      link#1             U
24.42.160.1      0:0:77:94:69:43    UH
loopback         127.0.0.1          UG
localhost        127.0.0.1          UH
192.168.1.0      link#2             U

Internet6:
Destination      Gateway            Flags
default          localhost          UG
default          localhost          UG
localhost        localhost          UH
::127.0.0.0      localhost          UG
::224.0.0.0      localhost          UG
::255.0.0.0      localhost          UG
::ffff:0.0.0.0   localhost          UG
2002::           localhost          UG
2002:7f00::      localhost          UG
2002:e000::      localhost          UG
2002:ff00::      localhost          UG
fe80::           localhost          UG
fe80::%rtk0      link#1             U
fe80::%ne2       link#2             U
fe80::%lo0       fe80::1%lo0        U
fec0::           localhost          UG
ff01::           localhost          U
ff02::%rtk0      link#1             U
ff02::%ne2       link#2             U
ff02::%lo0       fe80::1%lo0        U




_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp