Subject: IPNAT problem?
To: None <netbsd-users@netbsd.org>
From: Oliver <oliverko@dialup.nacamar.de>
List: netbsd-users
Date: 11/18/1999 11:14:41
Hello,

I've installed NetBSD 1.3.2 (I know its obsolet but I will migrate if I get
the 1.4.1 version on CD). This box is intended to be a dialup server for my
other hosts.

MyISP <--> modem <--> NetBSD box (192.168.1.1) <--> ethernet <--> FreeBSD
box (192.168.1.6)

What I did:

1. patched the kernel for ipnat bug (diff-ipnat.gz)
2. recompiled the kernel with GATEWAY option
3. in rc.conf set IPFILTER to YES
4. create empty /etc/ipf.conf
5. in /etc/netstart
    if [ -f /etc/ipnat.conf ]; then
        /usr/sbin/ipnat -f /etc/ipnat.conf
    fi
6. in /etc/ipnat.conf
    map ppp0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000
7. setup pppd with demand option
8. in rc.conf defaultroute="", ppp_peers=nacamar
9. in /etc/ppp create the file ip-up
    #!/bin/sh
    /sbin/ipf -y

If I start a ftp session to ftp.netbsd.org all works fine but if I try the
same from the FreeBSD box the NetBSD system makes a connection to my ISP but
nothing returns (no ftp login). The command ipnat -l (on dialup server)
prints:

192.168.1.6 1029    <--> 62.144.243.25 1029
192.168.1.6 1028    <--> 62.144.243.25 1028
192.168.1.6 1027    <--> 62.144.243.25 1027

Shouldn't be the ports between 10000 and 40000.

A other strange behaviour. If I make a telnet from FreeBSD to NetBSD the
NetBSD box brings up the ppp0 to the ISP. Why? The /etc/resolv.conf looks on
both systems like:

lookup file bind
domain network.de
nameserver 195.185.185.195
name server 194.162.141.17

the /etc/hosts file

192.168.1.1    a21064.network.de    a21064    (NetBSD)

192.168.1.6    k6v1fb    k6v1fb.network.de       (FreeBSD)

What could I do in order to fix the problems (maybe they are related to each
other).

thanx,
Oliver