Subject: Re: IP translator
To: Hakan Thorngren <hth@iar.se>
From: David Brownlee <abs@anim.dreamworks.com>
List: port-amiga
Date: 07/18/1997 09:02:49
    Brief notes on ipnat (revision 5 :)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

	Ipnat performs Network Address Translation (NAT), also known as
	IP-Masquerading for the less well informed.

	Ipnat is part of ipfilter, which is distributed with
	NetBSD -current, and can be added to a 1.2 or 1.2.1 setup.

        There is a webpage for ipfilter at:
                http://coombs.anu.edu.au/~avalon/ip-filter.html

	Assuming you can get a static address allocated by your ISP:

	a) Have a gateway host (eg: machine with local ethernet and either
	   a modem or an outgoing ethernet connection)
	b) Setup that machien to talk to the outside world, either using
	   ppp on a modem, or a 'standard' ethernet setup.
	   (There are other FAQs describing how to do this :)
	c) Number your internal machines on a reserved network
	       (eg 10.x.x.x
		    ethernet address of gateway 10.0.0.1
		    ethernet address of 1st local host 10.0.0.2
		    etc)
	d) Ensure /etc/mygate on all other machines contains the
	   internal network address of the gateway (10.0.0.1)
	e) On the gateway:
	   Create an /etc/ipnat.conf file:
	   map EXT 10.0.0.0/8 -> X.X.X.X/32 portmap tcp/udp 10000:20000
		(Where EXT is your external (to the world) network interface,
		 'ppp0' for a modem over ppp, otherwise sn0, or le0 etc)
	        (X.X.X.X is the address of your EXT interface,)
	   Run 'ipnat -f /etc/ipnat.conf'.
           Run 'sysctl -w net.inet.ip.forwarding=1' (enable routing)

	If on a modem run pppd as normal.

	Now try to telnet out or web browse from another local machine.

	Once you have this working you probably want to add the
	startup, ipnat, and sysctl to the end of /etc/rc.local.
    	
		David/abs

    "Its a bright sunny california day outside, and you're inside."
    "And your point would be...?"


On Fri, 18 Jul 1997, Hakan Thorngren wrote:

> We have a small UNIX (Amiga and SUN sparcs) network at home with a dial up 
> internet connection (single IP address, dynamically allocated each dial up).
> 
> At the moment, the modem is attached to an Amiga 3000 running NetBSD.
> To access internet, we have to connect to the Amiga and make telnet/ftp 
> connections to the outside world.
> It works just fine, but we really would like to use Netscape which is
> only available for SUN.
> 
> I see two solutions:
> 
> 1. Move the modem to one of the SUNs.
> 2. Get some IP translator software for the Amiga so that it can relay
>    IP between the nets properly.
> 
> I would prefer an IP translator as it would solve the problem, not cure
> the symptom.
> A firewall would probably do the job, but I am really only interested in 
> the IP translator part and want something simple and free.
> 
> Where can I find an IP translator that can be used with NetBSD?
>