Subject: Re: Setting up Wireless Network Router
To: Madhur Nigam <nigam@students.uiuc.edu>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: port-i386
Date: 07/31/2003 23:27:34

On Wed, Jul 30, 2003 at 12:15:07PM -0500, Madhur Nigam wrote:
> I am having trouble setting up my wireless network router. I have this
> old computer without a hard drive and a bootable CD-ROM running NetBSD that I
> cannot change. I have two NICs on this computer. First, the Ethernet is
> connected to my DSL router and the other is a wireless NIC.
> 
> Now my Ethernet card gets its IP address, i.e. 192.168.1.103, from the DSL
> router (by running dhclient ep0) and I assign 10.0.132.71 to my wireless
> card (and run dhcpd wi0), where ep0 and wi0 are the Ethernet and wireless
> interfaces.
> 
> Since I cannot change the rc.conf, I have to start the ipfilter and ipnat
> services manually. My ipf.conf looks like this
> pass in from any to any
> pass out from any to any
> and my ipnat.conf looks like this
> map ep0 10.0.132.0/24 -> 192.168.1.0/24 proxy port ftp ftp/tcp
> map ep0 10.0.132.0/24 -> 192.168.1.0/24 portmap tcp/udp 40000:60000
> map ep0 10.0.132.0/24 -> 192.168.1.0/24
> map wi0 192.168.1.0/24 -> 10.0.132.0/24 proxy port ftp ftp/tcp
> map wi0 192.168.1.0/24 -> 10.0.132.0/24 portmap tcp/udp 40000:60000
> map wi0 192.168.1.0/24 -> 10.0.132.0/24

No, here you only want
map ep0 10.0.132.0/24 -> 192.168.1.0/24 proxy port ftp ftp/tcp
map ep0 10.0.132.0/24 -> 192.168.1.0/24 portmap tcp/udp 40000:60000
map ep0 10.0.132.0/24 -> 192.168.1.0/24

ipnat keeps a list of the connections it has mapped on ep0, and will also
map back incoming packets.

> 
> Then I have ipforwarding in sysctl = 1. Now I first run
> # ipf -Fa -f ipf.conf
> and then run
> # ipnat -f ipnat.conf
> 
> My wireless interface wi0 is able to assign IP addresses as I am running
> the dhcpd server. I know this as my wireless laptop shows the connection.
> However, the router itself does not forward the packets at all and as a
> result my laptop is only able to ping 10.0.132.71 (IP address of wi0) and
> nothing else.
> 
> What am I doing wrong????? Any help would be great.

You may also need
sysctl -w net.inet.ip.forwarding=1

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 24 years of experience will always make the difference
--
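
Added example, not part of the original thread: a small check that runs over the ipnat.conf quoted in the question and flags the reverse "map wi0" rules the reply says to drop. The names lint, RULE and RANK are hypothetical; the ordering check goes beyond the reply and relies on ipnat using the first matching rule.

```python
import ipaddress
import re

# Constructed input: the ipnat.conf quoted in the question above.
POSTED = """\
map ep0 10.0.132.0/24 -> 192.168.1.0/24 proxy port ftp ftp/tcp
map ep0 10.0.132.0/24 -> 192.168.1.0/24 portmap tcp/udp 40000:60000
map ep0 10.0.132.0/24 -> 192.168.1.0/24
map wi0 192.168.1.0/24 -> 10.0.132.0/24 proxy port ftp ftp/tcp
map wi0 192.168.1.0/24 -> 10.0.132.0/24 portmap tcp/udp 40000:60000
map wi0 192.168.1.0/24 -> 10.0.132.0/24
"""
RULE = re.compile(r"^map\s+(\S+)\s+(\S+)\s+->\s+(\S+)\s*(.*)$")
RANK = {"proxy": 0, "portmap": 1}  # ipnat is first-match: specific rules first


def lint(conf, ext_if, ext_addr):
    """Return (line_no, message) findings; ext_if/ext_addr are the outside side."""
    findings, seen = [], {}
    outside = ipaddress.ip_address(ext_addr)
    for no, line in enumerate(conf.splitlines(), 1):
        m = RULE.match(line.split("#")[0].strip())
        if not m:
            continue  # comments, blanks, rdr/bimap rules are not checked here
        iface, src, _dst, opts = m.groups()
        kind = opts.split()[0] if opts else "plain"
        if iface != ext_if:
            findings.append((no, f"map on {iface}; only {ext_if} faces outside"))
        # Assumes plain CIDR sources, as in the message (not 'from ... to ...').
        if outside in ipaddress.ip_network(src, strict=False):
            findings.append((no, f"{src} is the outside net; NAT state maps replies back"))
        rank = RANK.get(kind, 2)
        if rank < seen.get((iface, src), 0):
            findings.append((no, f"{kind} rule is shadowed by an earlier broader rule"))
        seen[(iface, src)] = max(rank, seen.get((iface, src), 0))
    return findings


if __name__ == "__main__":
    for no, msg in lint(POSTED, "ep0", "192.168.1.103"):
        print(f"line {no}: {msg}")
```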