Subject: RE: IPFilter Config; client configuration
To: David Guynn <dguynn@geocities.com>
From: Paul Goyette <paul@whooppee.com>
List: port-i386
Date: 11/01/1998 08:36:24
Just execute the command
# ipf -E
as root. (Note that the -E is capital E, not lower-e)
On Sun, 1 Nov 1998, David Guynn wrote:
> Huh???
> How do I set up the ipf -e?
>
> --DAVE
>
> > -----Original Message-----
> > From: Paul Goyette [mailto:paul@whooppee.com]
> > Sent: Sunday, November 01, 1998 11:27 AM
> > To: David Guynn
> > Cc: port-i386@netbsd.org; port-mac68k@netbsd.org
> > Subject: RE: IPFilter Config; client configuration
> >
> >
> > Try running ftp in Passive mode...
> > Also, make sure you do an ipf -E to enable ipfilter and ipnat (not
> > obvious, but ipnat is "related" to ipfilter).
> >
> > On Sun, 1 Nov 1998, David Guynn wrote:
> >
> > >
> > > My ipnat.conf is set up:
> > >
> > > map ppp0 192.168.4.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:40000
> > >
> > > What else do I need?
> > >
> > >
> > > -Dave
> > > > -----Original Message-----
> > > > From: port-i386-owner@netbsd.org [mailto:port-i386-owner@netbsd.org]On
> > > > Behalf Of Paul Goyette
> > > > Sent: Sunday, November 01, 1998 10:31 AM
> > > > To: David Guynn
> > > > Cc: port-mac68k@netbsd.org; port-i386@netbsd.org
> > > > Subject: Re: IPFilter Config; client configuration
> > > >
> > > >
> > > > The problem is not on your Mac!
> > > >
> > > > The problem is that the ftp destination host, ftp.gmd.de,
> > does not know
> > > > how to get back to your Mac's address 192.168.4.3
> > > >
> > > > Unfortunately, there is really no way to "teach" ftp.gmd.de
> > how to reach
> > > > the Mac, since it's address is in RFC1918 "unroutable" (aka private)
> > > > address space.
> > > >
> > > > So, you'll need to configure ipnat on the PC so that whenever
> > it gets a
> > > > packet from 192.168.4.3 it translates that into the PC's
> > registered PPP
> > > > address. Then, ftp.gmd.de will know how to get back to your PC, and
> > > > your PC's ipnat will forward the packets back to the Mac.
> > > >
> > > > On Sun, 1 Nov 1998, David Guynn wrote:
> > > >
> > > > > Okay, i'm back.
> > > > >
> > > > > My network looks like:
> > > > >
> > > > > PPP Host
> > > > > |
> > > > > |
> > > > > NetBSD/i386 ---crossover cable--- NetBSD/mac68k
> > > > > 192.168.4.2 192.168.4.3
> > > > >
> > > > > I can telnet and ftp between the two hosts. I can ping
> > > > 192.168.4.3 and vice
> > > > > versa.
> > > > > I set up 192.168.4.2 to IPF the mac68k to PPP. So I did a
> > experiment:
> > > > >
> > > > >
> > > > > MAC68k /etc/rc.conf
> > > > >
> > > > > DEFAULTROUTE="192.168.4.2"
> > > > >
> > > > >
> > > > > So on the i386 I try to ftp ftp.gmd.de and the same on the mac.
> > > > It comes up
> > > > > on the pc but not on the mac. So how do I configure the mac?
> > > > >
> > > > > --DAVE
> > > > >
> > > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > -----------
> > > > | Paul Goyette | PGP DSS Key fingerprint: | E-mail
> > > > addresses: |
> > > > | Network Engineer | BCD7 5301 9513 58A6 0DBC |
> > > > paul@whooppee.com |
> > > > | and kernel hacker | 91EB ADB1 A280 3B79 9221 |
> > > > paul.goyette@ascend.com |
> > > > ------------------------------------------------------------------
> > > > -----------
> > > >
> > >
> >
> > ------------------------------------------------------------------
> > -----------
> > | Paul Goyette | PGP DSS Key fingerprint: | E-mail
> > addresses: |
> > | Network Engineer | BCD7 5301 9513 58A6 0DBC |
> > paul@whooppee.com |
> > | and kernel hacker | 91EB ADB1 A280 3B79 9221 |
> > paul.goyette@ascend.com |
> > ------------------------------------------------------------------
> > -----------
> >
>
>
-----------------------------------------------------------------------------
| Paul Goyette | PGP DSS Key fingerprint: | E-mail addresses: |
| Network Engineer | BCD7 5301 9513 58A6 0DBC | paul@whooppee.com |
| and kernel hacker | 91EB ADB1 A280 3B79 9221 | paul.goyette@ascend.com |
-----------------------------------------------------------------------------