port-i386: RE: I've been verizoned!

Subject: RE: I've been verizoned!
To: 'ewinkler@erols.com' <ewinkler@erols.com>
From: David Woyciesjes <DAW@yalepress3.unipress.yale.edu>
List: port-i386
Date: 09/18/2000 10:33:54
Cool, I'll add in the misc.tgz also...
I'm starting with the Firewall setup, because it has half the stuff I want
done already, and we (John and I) want to end up with another minimal
firewall setup, like the one he already has, but that'll work with
PPPoE/DSL... I'll let you guys know what happens...

---   David A Woyciesjes
---   C & IS Support Specialist
---   Yale University Press
---   mailto:david.woyciesjes@yale.edu
---   (203) 432-0953
---   ICQ # - 905818

> -----Original Message-----
> From:	Erik Winkler [SMTP:ewinkler@erols.com]
> Sent:	Monday, September 18, 2000 10:16 AM
> To:	David Woyciesjes
> Cc:	'Salvatore Mancini'; port-mac68k@netbsd.org; port-i386@netbsd.org
> Subject:	Re: I've been verizoned!
> 
> The firewall install, like a NetBSD base install, doesn't include all the
> utilities required to execute a 'make install'.  You need to do a full
> NetBSD
> install, less the X-Windows stuff, in order to get the correct utilities.
> I'm
> not sure which archive they are located in, but it might be misc.tgz.
> 
> Erik
> 
> David Woyciesjes wrote:
> 
> > Sal ---
> >         Looks like we're working towards the same goal. Here's where I'm
> > at... I'm starting the NetBSD/i386 Firewall system from
> > http://www.dubbele.com. I'm trying to add rp-pppoe and ppp on top of
> that.
> > Once it's finished, John (from dubbele.com) and I are going to wrap it
> up,
> > so the whole thing can be easily installed from his site...
> >         Here's the transcript from my last attempt. (for those who are
> > curious...)
> > I've been told that I forgot to add text.tgz... I'll do that tonight...
> >
> > --Installed NetBSD/Firewall... (from www.dubbele.com)
> > --Used DHCP server on my LAN, to get the files (figured this would make
> it
> > easier to switch the ex0 NIC to the DSL modem later)
> > --get comp.tgz, 'tar xvzpf comp.tgz'
> > --get /pub/NetBSD-current/tarfiles/pkgsrc.tar.gz into the /usr
> directory,
> > 'tar xvzpf pkgsrc.tar.gz'
> > --reboot, then cd /usr/pkgsrc/net/rp-pppoe, then 'make install'
> >         --Seemed okay, then ended with a screen of:
> >                 ***Error code 2
> >
> >                 Stop.
> >                 ***Error code 1
> >
> >                 Stop.
> >         --The 'error code 1' part was repeated 7 times ...
> >
> > So then, I tried this...
> > --cd /usr/pkgsrc/net/ppp, then 'make install'
> >         --and I got (exactly...)
> >                 ===> Building for ppp-2.3.11
> >                 all ===> chat
> >                 make: don't know how to make /usr/share/tmac/tmac.andoc.
> > Stop.
> >                 ***Error code 2
> >
> >                 Stop.
> >                 ***Error code 1
> >
> >                 Stop.
> >                 ***Error code 1
> >
> >                 Stop.
> >                 ***Error code 1
> >
> >                 Stop.
> > Yeah, I guess I am showing my stripes as a NetBSD newbie, but I'm
> definitely
> > interested in learning...
> > >>>clipped<<<
> >
> > ---   David A Woyciesjes
> > ---   C & IS Support Specialist
> > ---   Yale University Press
> > ---   mailto:david.woyciesjes@yale.edu
> > ---   (203) 432-0953
> > ---   ICQ # - 905818
> >
> > > -----Original Message-----
> > > From: Salvatore Mancini [SMTP:salvatore@bellatlantic.net]
> > > Sent: Monday, September 18, 2000 2:12 AM
> > > To:   ewinkler@erols.com; port-mac68k@netbsd.org; port-i386@netbsd.org
> > > Subject:      Re: I've been verizoned!
> > >
> > > Ok so far so good. It looks like I did have the m68k version instead
> of
> > > the
> > > i386. I got the right one, reinstalled 1.4.2, then ppp2.3.10 and
> finally
> > > rp-pppoe2.0. I have successfully connected with the pc(running
> netbsd142).
> > > I am
> > > trying to set up the firewall. I am able to ping the nic connected to
> the
> > > adsl
> > > modemfrom other machines on the lan but cannot get onto the net from
> > > there. I
> > > have ipnat and ipfilter on.
> > >
> > > ipnat.conf reads
> > >
> > > #/sbin/ipnat -f
> > > #
> > > map ne2 192.168.100.1/32 -> 151.203.0.0/16 portmap tcp/udp 40000:60000
> > > map ne2 192.168.100.1/32 -> 151.203.0.0/16
> > >
> > > map ne2 192.168.100.1/32 -> 151.203.0.0/16 proxy port ftp tcp/udp
> > >
> > >
> > > ipf.conf reads
> > >
> > > #/sbin/ipf -f -
> > >
> > > block in quick all with short
> > >
> > > When I had a static ip 151.203.0.0/16 was 151.203.19.71/32 and it
> worked
> > > great.
> > > I will continue searching the net for firewall stuff. I feel like I am
> > > only
> > > missing a few things here. I can almost smell it is so close
> > >
> > > Sal
> > >
> > >