netbsd-users: Success in Treo syncing over Bluetooth success; clue required for NAT and ppp server configuration woes

Subject: Success in Treo syncing over Bluetooth success; clue required for NAT and ppp server configuration woes
To: None <netbsd-users@netbsd.org>
From: Brian de Alwis <bsd@cs.ubc.ca>
List: netbsd-users
Date: 03/26/2007 12:20:47

With the recent changes to rfcomm_sppd to support a server mode,
I'm now able to sync my Treo 650 over Bluetooth.  My command-line
is:

    rfcomm_sppd -c 1 -s SP -t /dev/ttypf; \
    jpilot-sync -p /dev/ttypf

(executed as root; I'm not sure if it's possible to configure the
Bluetooth devices to be accessible as a normal user?)

Pretty cool!  It seems slower than syncing across USB, though I
haven't done any timings yet.  It's still nice to be able to get
rid of another wire at least.  Thanks to Iain and all involved!


I've *almost* managed to have my home PC act as a gateway for the
Treo to access the 'net as a client through Bluetooth.  My last
stumbling block is that that I can't get NAT to rewrite the packets
coming from the Treo.  My home PC's IP is 172.16.1.64 (we're behind
an ISP-provided router).  I've set up PPP using the following
options:

    crtscts
    115200
    10.0.0.1:10.0.0.2 netmask 255.255.255.0
    noauth
    passive
    local
    ms-dns 172.16.1.254
    pty "rfcomm_sppd -c 1 -s DUN"

My /etc/ipf.conf is:

    pass in from any to any
    pass out from any to any

My /etc/ipnat.conf is:

    map ppp0 10.0.0.2/8 -> 0/32 proxy port ftp ftp/tcp
    map ppp0 10.0.0.2/8 -> 0/32 portmap tcp/udp 40000:60000
    map ppp0 10.0.0.2/8 -> 0/32

In /etc/ppp/ip-up, I do:

    ipf -E -Fa -f /etc/ipf.conf
    sysctl -w net.inet.ip.forwarding=1
    ipnat -C -f /etc/ipnat.conf

I invoke ppp with 

    # ppp nodetach debug call bt-server

Upon successful connection, an `ipnat -lv' shows the NAT rules loaded.

The Treo can ping the home PC, and the home PC can ping the Treo.
But the Treo can't ping the gateway (172.16.1.254): the pings are
routed onto the other interface, but they are un-NATed, still
bearing a source of 10.0.0.2.  Using tcpdump, I see lines like the
following going across the other interface:

    12:08:26.439291 IP 10.0.0.2 > 172.16.1.254: icmp 40: echo request seq 3

The same thing happens for DNS queries and any other IP requests. 

I'm clearly missing something in the ppp file, but I'm not sure
what!  I've tried removing the 10.0.0.1 as well as replacing it
with the home PC's IP (172.16.1.64), but to no avail.  I've tried
making the ipnat.conf more specific, mapping 10.0.0.2/32 ->
172.16.1.64/32.  No difference.

I'm clearly missing something.  Can anybody please provide me a clue?

Brian. 

--