Complete.Org: Mailing Lists: Archives: linux-help: February 2000:
[linux-help] IP Alias, IP Masq, port forwarding 		Home

[linux-help] IP Alias, IP Masq, port forwarding

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] IP Alias, IP Masq, port forwarding
From: Thomas Bloom <tom@xxxxxxxxx>
Date: Wed, 16 Feb 2000 17:26:57 -0600
Reply-to: linux-help@xxxxxxxxx 
I am having trouble with a new gateway/firewall box.  It is running 
Debian 2.1
Kernel 2.2.13

The masq works, and the port forwarding work on the main dev eth0.  The
alias does not seem to be working.  I add the entries for eth0:x
devices,and I added the host route entries.  The routes show up when the
route command is issued, but when I type ifconfig the eth0:x devices do not
show up.  I can ping the aliased ip from the machine they are installed on,
but I can't ping them from any other machine on the network


ifconfig output
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:0 

eth0      Link encap:Ethernet  HWaddr 08:00:00:35:16:84  
          inet addr:xxx.xxx.xxx.245  Bcast:xxx.xxx.xxx.255
Mask:255.255.255.128
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:49344 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11010 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:11 
          Interrupt:11 Base address:0x340 

eth1      Link encap:Ethernet  HWaddr 08:00:00:30:87:36  
          inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2202 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:0 
          Interrupt:5 Base address:0x200 

eth2      Link encap:Ethernet  HWaddr 08:00:00:00:49:64  
          inet addr:192.168.2.254  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15970 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5934 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:127 
          Interrupt:9 Base address:0x220 

eth3      Link encap:Ethernet  HWaddr 08:00:00:80:31:30  
          inet addr:192.168.3.254  Bcast:192.168.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:0 
          Interrupt:10 Base address:0x300 




#! /bin/sh
#
# This file was automatically customized by debmake on Thu, 29 Jan 1998
16:20:37 -0800
#
# Written by Miquel van Smoorenburg <miquels@xxxxxxxxxxxxxx>.
# Modified for Debian GNU/Linux by Ian Murdock <imurdock@xxxxxxxxxxxxxx>.
# Modified for Debian by Christoph Lameter <clameter@xxxxxxxxxx>

PATH=/bin:/usr/bin:/sbin:/usr/sbin
DAEMON=/usr/sbin/ipmasqadm
# The following value is extracted by debstd to figure out how to generate
# the postinst script. Edit the field to change the way the script is
# registered through update-rc.d (see the manpage for update-rc.d!)
FLAGS="defaults 50"

test -f $DAEMON || exit 0

portfwrules () {
        #REPLACE WITH YOUR RULES
        echo -n
        ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 25 -R 192.168.2.252 25
        ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 25 -R 192.168.2.252 25
        ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 110 -R 192.168.2.252 110
        ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 110 -R 192.168.2.252 110
        ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 109 -R 192.168.2.252 109
        ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 109 -R 192.168.2.252 109
}

case "$1" in
start)
        portfwrules
        ;;
stop)
        ipmasqadm portfw -f
        ;;
restart|force-reload)
        ipmasqadm portfw -f
        portfwrules
        ;;
*)
        echo "Usage: /etc/init.d/ipportfw {start|stop|restart|force-reload}"
        exit 1
        ;;
esac

exit 0





/etc/init.d/network file


#!/bin/sh
ifconfig lo 127.0.0.1
route add -net 127.0.0.0

IPADDR0=xxx.xxx.xxx.245
NETMASK0=255.255.255.128
NETWORK0=xxx.xxx.xxx.128
BROADCAST0=xxx.xxx.xxx.255

IPADDR01=xxx.xxx.xxx.244
NETMASK01=255.255.255.128
NETWORK01=xxx.xxx.xxx.128
BROADCAST01=xxx.xxx.xxx.255

IPADDR02=xxx.xxx.xxx.243
NETMASK02=255.255.255.128
NETWORK02=xxx.xxx.xxx.128
BROADCAST02=xxx.xxx.xxx.255

IPADDR1=192.168.1.254
NETMASK1=255.255.255.0
NETWORK1=192.168.1.0
BROADCAST1=192.168.1.255

IPADDR2=192.168.2.254
NETMASK2=255.255.255.0
NETWORK2=192.168.2.0
BROADCAST2=192.168.2.255

IPADDR3=192.168.3.254
NETMASK3=255.255.255.0
NETWORK3=192.168.3.0
BROADCAST3=192.168.3.255


GATEWAY=xxx.xxx.xxx.254

ifconfig eth0 ${IPADDR0} netmask ${NETMASK0} broadcast ${BROADCAST0} -promisc
ifconfig eth0:1 ${IPADDR01} netmask ${NETMASK01} broadcast ${BROADCAST01}
ifconfig eth0:2 ${IPADDR02} netmask ${NETMASK02} broadcast ${BROADCAST02}

ifconfig eth1 ${IPADDR1} netmask ${NETMASK1} broadcast ${BROADCAST1}
ifconfig eth2 ${IPADDR2} netmask ${NETMASK2} broadcast ${BROADCAST2}
ifconfig eth3 ${IPADDR3} netmask ${NETMASK3} broadcast ${BROADCAST3}

route add -net ${NETWORK0}
route add -net ${NETWORK1}
route add -net ${NETWORK2}
route add -net ${NETWORK3}

route add -host ${IPADDR01} dev eth0:1
route add -host ${IPADDR02} dev eth0:2 

[ "${GATEWAY}" ] && route add default gw ${GATEWAY} metric 1






kernel .config file


#
# Automatically generated by make menuconfig: don't edit
#

#
# Code maturity level options
#
CONFIG_EXPERIMENTAL=y

#
# Processor type and features
#
# CONFIG_M386 is not set
CONFIG_M486=y
# CONFIG_M586 is not set
# CONFIG_M586TSC is not set
# CONFIG_M686 is not set
CONFIG_X86_WP_WORKS_OK=y
CONFIG_X86_INVLPG=y
CONFIG_X86_BSWAP=y
CONFIG_X86_POPAD_OK=y
CONFIG_1GB=y
# CONFIG_2GB is not set
# CONFIG_MATH_EMULATION is not set
# CONFIG_MTRR is not set
# CONFIG_SMP is not set

#
# Loadable module support
#
CONFIG_MODULES=y
# CONFIG_MODVERSIONS is not set
# CONFIG_KMOD is not set

#
# General setup
#
CONFIG_NET=y
# CONFIG_PCI is not set
# CONFIG_MCA is not set
# CONFIG_VISWS is not set
CONFIG_SYSVIPC=y
# CONFIG_BSD_PROCESS_ACCT is not set
CONFIG_SYSCTL=y
CONFIG_BINFMT_AOUT=y
CONFIG_BINFMT_ELF=y
CONFIG_BINFMT_MISC=y
# CONFIG_BINFMT_JAVA is not set
# CONFIG_PARPORT is not set
# CONFIG_APM is not set

#
# Plug and Play support
#
# CONFIG_PNP is not set

#
# Block devices
#
CONFIG_BLK_DEV_FD=y
CONFIG_BLK_DEV_IDE=y
# CONFIG_BLK_DEV_HD_IDE is not set
CONFIG_BLK_DEV_IDEDISK=y
CONFIG_BLK_DEV_IDECD=m
# CONFIG_BLK_DEV_IDETAPE is not set
# CONFIG_BLK_DEV_IDEFLOPPY is not set
# CONFIG_BLK_DEV_IDESCSI is not set
CONFIG_BLK_DEV_CMD640=y
# CONFIG_BLK_DEV_CMD640_ENHANCED is not set
# CONFIG_IDE_CHIPSETS is not set
CONFIG_BLK_DEV_LOOP=m
CONFIG_BLK_DEV_NBD=m
# CONFIG_BLK_DEV_MD is not set
# CONFIG_BLK_DEV_RAM is not set
# CONFIG_BLK_DEV_XD is not set
CONFIG_PARIDE_PARPORT=y
# CONFIG_PARIDE is not set
# CONFIG_BLK_CPQ_DA is not set
# CONFIG_BLK_DEV_HD is not set

#
# Networking options
#
CONFIG_PACKET=y
CONFIG_NETLINK=y
CONFIG_RTNETLINK=y
CONFIG_NETLINK_DEV=m
CONFIG_FIREWALL=y
# CONFIG_FILTER is not set
CONFIG_UNIX=y
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_RTNETLINK=y
CONFIG_NETLINK=y
# CONFIG_IP_MULTIPLE_TABLES is not set
# CONFIG_IP_ROUTE_MULTIPATH is not set
# CONFIG_IP_ROUTE_TOS is not set
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_ROUTE_LARGE_TABLES is not set
# CONFIG_IP_PNP is not set
CONFIG_IP_FIREWALL=y
# CONFIG_IP_FIREWALL_NETLINK is not set
CONFIG_IP_TRANSPARENT_PROXY=y
CONFIG_IP_MASQUERADE=y
CONFIG_IP_MASQUERADE_ICMP=y
CONFIG_IP_MASQUERADE_MOD=y
CONFIG_IP_MASQUERADE_IPAUTOFW=m
CONFIG_IP_MASQUERADE_IPPORTFW=m
CONFIG_IP_MASQUERADE_MFW=m
CONFIG_IP_ROUTER=y
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
CONFIG_IP_ALIAS=y
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
# CONFIG_INET_RARP is not set
# CONFIG_SKB_LARGE is not set
CONFIG_IPV6=m
# CONFIG_IPV6_EUI64 is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set
# CONFIG_X25 is not set
# CONFIG_LAPB is not set
# CONFIG_BRIDGE is not set
# CONFIG_LLC is not set
# CONFIG_ECONET is not set
# CONFIG_WAN_ROUTER is not set
# CONFIG_NET_FASTROUTE is not set
# CONFIG_NET_HW_FLOWCONTROL is not set
# CONFIG_CPU_IS_SLOW is not set

#
# QoS and/or fair queueing
#
# CONFIG_NET_SCHED is not set


#
# Network device support
#
CONFIG_NETDEVICES=y


#
# Ethernet (10 or 100Mbit)
#
CONFIG_NET_ETHERNET=y
# CONFIG_NET_VENDOR_3COM is not set
# CONFIG_LANCE is not set
# CONFIG_NET_VENDOR_SMC is not set
# CONFIG_NET_VENDOR_RACAL is not set
# CONFIG_RTL8139 is not set
# CONFIG_SIS900 is not set
# CONFIG_YELLOWFIN is not set
CONFIG_NET_ISA=y
# CONFIG_AT1700 is not set
# CONFIG_E2100 is not set
# CONFIG_DEPCA is not set
# CONFIG_EWRK3 is not set
# CONFIG_EEXPRESS is not set
# CONFIG_EEXPRESS_PRO is not set
# CONFIG_FMV18X is not set
# CONFIG_HPLAN_PLUS is not set
# CONFIG_HPLAN is not set
# CONFIG_HP100 is not set
# CONFIG_ETH16I is not set
CONFIG_NE2000=m
# CONFIG_SEEQ8005 is not set
# CONFIG_SK_G16 is not set
# CONFIG_NET_EISA is not set
# CONFIG_NET_POCKET is not set
# CONFIG_FDDI is not set
# CONFIG_HIPPI is not set
CONFIG_PPP=m
CONFIG_SLIP=m
# CONFIG_SLIP_COMPRESSED is not set
# CONFIG_SLIP_SMART is not set
# CONFIG_SLIP_MODE_SLIP6 is not set
# CONFIG_NET_RADIO is not set




-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]