Subject: Re: IP-masquerading on RiscBSD v1.3a
To: Ib-Michael Martinsen <imm@riscpc.dk>
From: David Brownlee <abs@anim.dreamworks.com>
List: port-arm32
Date: 06/21/1998 11:14:23
	The correct term for what linux calls IP-masquerading is
	Network Address Translation (NAT), which is handled on
	NetBSD by ipnat. 
	The ip-filter docs may be of some help:
	http://coombs.anu.edu.au/~avalon/ip-filter.html
		David/absolute
                -=-  "Just when everything was making sense"  -=-
On Sun, 21 Jun 1998, Ib-Michael Martinsen wrote:
> Hello there.
> 
> I have build a small network with the following layout:
> 
> Machine		OS		network-address
> RiscPC		RiscBSD		192.168.0.1
> PC		Win95		192.168.0.2
> A410		RISC OS		192.168.0.3
> 
> The RiscPC acts as the internet-gateway via a ppp-connection
> to my ISP. I would like to be able to access the internet from
> the PC and the A410 and have read that IP-masquerading is the
> proper technique for this. A search for IP-masquerading gave
> me some LINUX howto's on the subject, which I have read.
> 
> In LINUX you use the command ipfwadm to set up masquerading,
> but unfortunately this command is not present in my version
> of RiscBSD. I found ipf on RiscBSD to be the nearest lookalike
> to ipfwadm, although the man-pages does not mention anything
> about masquerading. Can anybody provide me with a suitable
> example on how to do it?
> 
> Anyway, I made the following ipf.conf file:
> 
> <Start of file>
> # block all inbound packets
> block in log all
> 
> # but allow incoming to 192.168.0.x
> pass in from any to 192.168.0.1/255.255.255.0
> pass in from any to 192.168.0.2/255.255.255.0
> 
> # log all outgoing traffic
> log out all
> <End of file>
> 
> 
> but when I execute the command: ipf -f ipf.conf
> I get the error:
> 
> root@nethotel:/etc => ipf -f ipf.conf
> open device: Device not configured
> ioctl(SIOCADDFR): Bad file descriptor
> ioctl(SIOCADDFR): Bad file descriptor
> ioctl(SIOCADDFR): Bad file descriptor
> ioctl(SIOCADDFR): Bad file descriptor
> 
> 
> Likewise the ipfstat command gives the following error:
> 
> root@nethotel:/etc => ipfstat
> open: Device not configured
> 
> According to the man pages the standard device is /dev/ipl
> which (among others) is defined as 
> 
> 
> root@nethotel:/etc => ll /dev/i* 
> crw-------  1 root  wheel   42,   0 Mar  2 19:32 /dev/iic
> crw-------  1 root  wheel   46,   3 Mar  2 19:33 /dev/ipauth
> crw-------  1 root  wheel   46,   0 Mar  2 19:33 /dev/ipl
> crw-------  1 root  wheel   46,   1 Mar  2 19:33 /dev/ipnat
> crw-------  1 root  wheel   46,   2 Mar  2 19:33 /dev/ipstate
> 
> 
> What do I have to do to get ipf and ipfstat to work?
> 
> 
> Best regards
>    Ib-Michael
> -- 
> Ib-Michael Martinsen		Email at work: dtpimm@dsg.dk
> Fidomail:      2:234/181.9	Email at home: imm@nethotel.dk
> 
> Running RiscBSD v1.3a on an Acorn RiscPC with a 202.4 MHz StrongArm processor.
> 
> -- 
> Ib-Michael Martinsen		Email at work: dtpimm@dsg.dk
> Fidomail:      2:234/181.9	Email at home: imm@nethotel.dk
> 
> Running RiscBSD v1.3a on an Acorn RiscPC with a 202.4 MHz StrongArm processor.
>