Complete.Org: Mailing Lists: Archives: linux-help: February 2000:
[linux-help] Re: IP Alias, IP Masq, port forwarding 		Home

[linux-help] Re: IP Alias, IP Masq, port forwarding

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: linux-help@xxxxxxxxx
Subject: [linux-help] Re: IP Alias, IP Masq, port forwarding
From: Jonathan Hall <jonhall@xxxxxxxxxxxx>
Date: Wed, 16 Feb 2000 18:03:10 -0600
Reply-to: linux-help@xxxxxxxxx 
I am not using masqing on that mahcine.  I can send you the kernel config
file, tho...


On Wed, Feb 16, 2000 at 05:48:18PM -0600, Thomas Bloom wrote:
> It does not change anything same results.  Do you still have a copy of your
> kernel config file? Do you have ipmas,and ip_alias running on the same
> machine? 
> 
> My biggest problem is that I can't get the aliased ips to talk on the
> network to other machines.  
> 
> At 05:42 PM 2/16/00 -0600, you wrote:
> >I've experienced the exact same thing in regards to ifconfig not showing
> >eth0:1, etc...  It worked for me in 2.0.x, but not 2.2.x... dunno why. 
> >"ifconfig" alone does not show eth0:1, eth0:2, etc... if you do "ifconfig
> >eth0:1", it *does* show it, tho.  My aliased devices work fine, tho, even
> >tho they don't by default show up in ifconfig's output.
> >
> >Have you done:  echo "1" > /proc/sys/net/ipv4/ip_forward?
> >
> >
> >On Wed, Feb 16, 2000 at 05:26:57PM -0600, Thomas Bloom wrote:
> >> I am having trouble with a new gateway/firewall box.  It is running 
> >> Debian 2.1
> >> Kernel 2.2.13
> >> 
> >> The masq works, and the port forwarding work on the main dev eth0.  The
> >> alias does not seem to be working.  I add the entries for eth0:x
> >> devices,and I added the host route entries.  The routes show up when the
> >> route command is issued, but when I type ifconfig the eth0:x devices do not
> >> show up.  I can ping the aliased ip from the machine they are installed on,
> >> but I can't ping them from any other machine on the network
> >> 
> >> 
> >> ifconfig output
> >> lo        Link encap:Local Loopback  
> >>           inet addr:127.0.0.1  Mask:255.0.0.0
> >>           UP LOOPBACK RUNNING  MTU:3924  Metric:1
> >>           RX packets:48 errors:0 dropped:0 overruns:0 frame:0
> >>           TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
> >>           Collisions:0 
> >> 
> >> eth0      Link encap:Ethernet  HWaddr 08:00:00:35:16:84  
> >>           inet addr:xxx.xxx.xxx.245  Bcast:xxx.xxx.xxx.255
> >> Mask:255.255.255.128
> >>           UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
> >>           RX packets:49344 errors:0 dropped:0 overruns:0 frame:0
> >>           TX packets:11010 errors:0 dropped:0 overruns:0 carrier:0
> >>           Collisions:11 
> >>           Interrupt:11 Base address:0x340 
> >> 
> >> eth1      Link encap:Ethernet  HWaddr 08:00:00:30:87:36  
> >>           inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
> >>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>           RX packets:2202 errors:0 dropped:0 overruns:0 frame:0
> >>           TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
> >>           Collisions:0 
> >>           Interrupt:5 Base address:0x200 
> >> 
> >> eth2      Link encap:Ethernet  HWaddr 08:00:00:00:49:64  
> >>           inet addr:192.168.2.254  Bcast:192.168.2.255  Mask:255.255.255.0
> >>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>           RX packets:15970 errors:0 dropped:0 overruns:0 frame:0
> >>           TX packets:5934 errors:0 dropped:0 overruns:0 carrier:0
> >>           Collisions:127 
> >>           Interrupt:9 Base address:0x220 
> >> 
> >> eth3      Link encap:Ethernet  HWaddr 08:00:00:80:31:30  
> >>           inet addr:192.168.3.254  Bcast:192.168.3.255  Mask:255.255.255.0
> >>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> >>           Collisions:0 
> >>           Interrupt:10 Base address:0x300 
> >> 
> >> 
> >> 
> >> 
> >> #! /bin/sh
> >> #
> >> # This file was automatically customized by debmake on Thu, 29 Jan 1998
> >> 16:20:37 -0800
> >> #
> >> # Written by Miquel van Smoorenburg <miquels@xxxxxxxxxxxxxx>.
> >> # Modified for Debian GNU/Linux by Ian Murdock <imurdock@xxxxxxxxxxxxxx>.
> >> # Modified for Debian by Christoph Lameter <clameter@xxxxxxxxxx>
> >> 
> >> PATH=/bin:/usr/bin:/sbin:/usr/sbin
> >> DAEMON=/usr/sbin/ipmasqadm
> >> # The following value is extracted by debstd to figure out how to generate
> >> # the postinst script. Edit the field to change the way the script is
> >> # registered through update-rc.d (see the manpage for update-rc.d!)
> >> FLAGS="defaults 50"
> >> 
> >> test -f $DAEMON || exit 0
> >> 
> >> portfwrules () {
> >>    #REPLACE WITH YOUR RULES
> >>    echo -n
> >>    ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 25 -R 192.168.2.252 25
> >>    ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 25 -R 192.168.2.252 25
> >>    ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 110 -R 192.168.2.252 110
> >>    ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 110 -R 192.168.2.252 110
> >>    ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.245 109 -R 192.168.2.252 109
> >>    ipmasqadm portfw -a -P udp -L xxx.xxx.xxx.245 109 -R 192.168.2.252 109
> >> }
> >> 
> >> case "$1" in
> >> start)
> >>    portfwrules
> >>    ;;
> >> stop)
> >>    ipmasqadm portfw -f
> >>    ;;
> >> restart|force-reload)
> >>    ipmasqadm portfw -f
> >>    portfwrules
> >>    ;;
> >> *)
> >>    echo "Usage: /etc/init.d/ipportfw {start|stop|restart|force-reload}"
> >>    exit 1
> >>    ;;
> >> esac
> >> 
> >> exit 0
> >> 
> >> 
> >> 
> >> 
> >> 
> >> /etc/init.d/network file
> >> 
> >> 
> >> #!/bin/sh
> >> ifconfig lo 127.0.0.1
> >> route add -net 127.0.0.0
> >> 
> >> IPADDR0=xxx.xxx.xxx.245
> >> NETMASK0=255.255.255.128
> >> NETWORK0=xxx.xxx.xxx.128
> >> BROADCAST0=xxx.xxx.xxx.255
> >> 
> >> IPADDR01=xxx.xxx.xxx.244
> >> NETMASK01=255.255.255.128
> >> NETWORK01=xxx.xxx.xxx.128
> >> BROADCAST01=xxx.xxx.xxx.255
> >> 
> >> IPADDR02=xxx.xxx.xxx.243
> >> NETMASK02=255.255.255.128
> >> NETWORK02=xxx.xxx.xxx.128
> >> BROADCAST02=xxx.xxx.xxx.255
> >> 
> >> IPADDR1=192.168.1.254
> >> NETMASK1=255.255.255.0
> >> NETWORK1=192.168.1.0
> >> BROADCAST1=192.168.1.255
> >> 
> >> IPADDR2=192.168.2.254
> >> NETMASK2=255.255.255.0
> >> NETWORK2=192.168.2.0
> >> BROADCAST2=192.168.2.255
> >> 
> >> IPADDR3=192.168.3.254
> >> NETMASK3=255.255.255.0
> >> NETWORK3=192.168.3.0
> >> BROADCAST3=192.168.3.255
> >> 
> >> 
> >> GATEWAY=xxx.xxx.xxx.254
> >> 
> >> ifconfig eth0 ${IPADDR0} netmask ${NETMASK0} broadcast ${BROADCAST0}
> -promisc
> >> ifconfig eth0:1 ${IPADDR01} netmask ${NETMASK01} broadcast ${BROADCAST01}
> >> ifconfig eth0:2 ${IPADDR02} netmask ${NETMASK02} broadcast ${BROADCAST02}
> >> 
> >> ifconfig eth1 ${IPADDR1} netmask ${NETMASK1} broadcast ${BROADCAST1}
> >> ifconfig eth2 ${IPADDR2} netmask ${NETMASK2} broadcast ${BROADCAST2}
> >> ifconfig eth3 ${IPADDR3} netmask ${NETMASK3} broadcast ${BROADCAST3}
> >> 
> >> route add -net ${NETWORK0}
> >> route add -net ${NETWORK1}
> >> route add -net ${NETWORK2}
> >> route add -net ${NETWORK3}
> >> 
> >> route add -host ${IPADDR01} dev eth0:1
> >> route add -host ${IPADDR02} dev eth0:2 
> >> 
> >> [ "${GATEWAY}" ] && route add default gw ${GATEWAY} metric 1
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> kernel .config file
> >> 
> >> 
> >> #
> >> # Automatically generated by make menuconfig: don't edit
> >> #
> >> 
> >> #
> >> # Code maturity level options
> >> #
> >> CONFIG_EXPERIMENTAL=y
> >> 
> >> #
> >> # Processor type and features
> >> #
> >> # CONFIG_M386 is not set
> >> CONFIG_M486=y
> >> # CONFIG_M586 is not set
> >> # CONFIG_M586TSC is not set
> >> # CONFIG_M686 is not set
> >> CONFIG_X86_WP_WORKS_OK=y
> >> CONFIG_X86_INVLPG=y
> >> CONFIG_X86_BSWAP=y
> >> CONFIG_X86_POPAD_OK=y
> >> CONFIG_1GB=y
> >> # CONFIG_2GB is not set
> >> # CONFIG_MATH_EMULATION is not set
> >> # CONFIG_MTRR is not set
> >> # CONFIG_SMP is not set
> >> 
> >> #
> >> # Loadable module support
> >> #
> >> CONFIG_MODULES=y
> >> # CONFIG_MODVERSIONS is not set
> >> # CONFIG_KMOD is not set
> >> 
> >> #
> >> # General setup
> >> #
> >> CONFIG_NET=y
> >> # CONFIG_PCI is not set
> >> # CONFIG_MCA is not set
> >> # CONFIG_VISWS is not set
> >> CONFIG_SYSVIPC=y
> >> # CONFIG_BSD_PROCESS_ACCT is not set
> >> CONFIG_SYSCTL=y
> >> CONFIG_BINFMT_AOUT=y
> >> CONFIG_BINFMT_ELF=y
> >> CONFIG_BINFMT_MISC=y
> >> # CONFIG_BINFMT_JAVA is not set
> >> # CONFIG_PARPORT is not set
> >> # CONFIG_APM is not set
> >> 
> >> #
> >> # Plug and Play support
> >> #
> >> # CONFIG_PNP is not set
> >> 
> >> #
> >> # Block devices
> >> #
> >> CONFIG_BLK_DEV_FD=y
> >> CONFIG_BLK_DEV_IDE=y
> >> # CONFIG_BLK_DEV_HD_IDE is not set
> >> CONFIG_BLK_DEV_IDEDISK=y
> >> CONFIG_BLK_DEV_IDECD=m
> >> # CONFIG_BLK_DEV_IDETAPE is not set
> >> # CONFIG_BLK_DEV_IDEFLOPPY is not set
> >> # CONFIG_BLK_DEV_IDESCSI is not set
> >> CONFIG_BLK_DEV_CMD640=y
> >> # CONFIG_BLK_DEV_CMD640_ENHANCED is not set
> >> # CONFIG_IDE_CHIPSETS is not set
> >> CONFIG_BLK_DEV_LOOP=m
> >> CONFIG_BLK_DEV_NBD=m
> >> # CONFIG_BLK_DEV_MD is not set
> >> # CONFIG_BLK_DEV_RAM is not set
> >> # CONFIG_BLK_DEV_XD is not set
> >> CONFIG_PARIDE_PARPORT=y
> >> # CONFIG_PARIDE is not set
> >> # CONFIG_BLK_CPQ_DA is not set
> >> # CONFIG_BLK_DEV_HD is not set
> >> 
> >> #
> >> # Networking options
> >> #
> >> CONFIG_PACKET=y
> >> CONFIG_NETLINK=y
> >> CONFIG_RTNETLINK=y
> >> CONFIG_NETLINK_DEV=m
> >> CONFIG_FIREWALL=y
> >> # CONFIG_FILTER is not set
> >> CONFIG_UNIX=y
> >> CONFIG_INET=y
> >> # CONFIG_IP_MULTICAST is not set
> >> CONFIG_IP_ADVANCED_ROUTER=y
> >> CONFIG_RTNETLINK=y
> >> CONFIG_NETLINK=y
> >> # CONFIG_IP_MULTIPLE_TABLES is not set
> >> # CONFIG_IP_ROUTE_MULTIPATH is not set
> >> # CONFIG_IP_ROUTE_TOS is not set
> >> CONFIG_IP_ROUTE_VERBOSE=y
> >> # CONFIG_IP_ROUTE_LARGE_TABLES is not set
> >> # CONFIG_IP_PNP is not set
> >> CONFIG_IP_FIREWALL=y
> >> # CONFIG_IP_FIREWALL_NETLINK is not set
> >> CONFIG_IP_TRANSPARENT_PROXY=y
> >> CONFIG_IP_MASQUERADE=y
> >> CONFIG_IP_MASQUERADE_ICMP=y
> >> CONFIG_IP_MASQUERADE_MOD=y
> >> CONFIG_IP_MASQUERADE_IPAUTOFW=m
> >> CONFIG_IP_MASQUERADE_IPPORTFW=m
> >> CONFIG_IP_MASQUERADE_MFW=m
> >> CONFIG_IP_ROUTER=y
> >> # CONFIG_NET_IPIP is not set
> >> # CONFIG_NET_IPGRE is not set
> >> CONFIG_IP_ALIAS=y
> >> # CONFIG_ARPD is not set
> >> # CONFIG_SYN_COOKIES is not set
> >> # CONFIG_INET_RARP is not set
> >> # CONFIG_SKB_LARGE is not set
> >> CONFIG_IPV6=m
> >> # CONFIG_IPV6_EUI64 is not set
> >> # CONFIG_IPX is not set
> >> # CONFIG_ATALK is not set
> >> # CONFIG_X25 is not set
> >> # CONFIG_LAPB is not set
> >> # CONFIG_BRIDGE is not set
> >> # CONFIG_LLC is not set
> >> # CONFIG_ECONET is not set
> >> # CONFIG_WAN_ROUTER is not set
> >> # CONFIG_NET_FASTROUTE is not set
> >> # CONFIG_NET_HW_FLOWCONTROL is not set
> >> # CONFIG_CPU_IS_SLOW is not set
> >> 
> >> #
> >> # QoS and/or fair queueing
> >> #
> >> # CONFIG_NET_SCHED is not set
> >> 
> >> 
> >> #
> >> # Network device support
> >> #
> >> CONFIG_NETDEVICES=y
> >> 
> >> 
> >> #
> >> # Ethernet (10 or 100Mbit)
> >> #
> >> CONFIG_NET_ETHERNET=y
> >> # CONFIG_NET_VENDOR_3COM is not set
> >> # CONFIG_LANCE is not set
> >> # CONFIG_NET_VENDOR_SMC is not set
> >> # CONFIG_NET_VENDOR_RACAL is not set
> >> # CONFIG_RTL8139 is not set
> >> # CONFIG_SIS900 is not set
> >> # CONFIG_YELLOWFIN is not set
> >> CONFIG_NET_ISA=y
> >> # CONFIG_AT1700 is not set
> >> # CONFIG_E2100 is not set
> >> # CONFIG_DEPCA is not set
> >> # CONFIG_EWRK3 is not set
> >> # CONFIG_EEXPRESS is not set
> >> # CONFIG_EEXPRESS_PRO is not set
> >> # CONFIG_FMV18X is not set
> >> # CONFIG_HPLAN_PLUS is not set
> >> # CONFIG_HPLAN is not set
> >> # CONFIG_HP100 is not set
> >> # CONFIG_ETH16I is not set
> >> CONFIG_NE2000=m
> >> # CONFIG_SEEQ8005 is not set
> >> # CONFIG_SK_G16 is not set
> >> # CONFIG_NET_EISA is not set
> >> # CONFIG_NET_POCKET is not set
> >> # CONFIG_FDDI is not set
> >> # CONFIG_HIPPI is not set
> >> CONFIG_PPP=m
> >> CONFIG_SLIP=m
> >> # CONFIG_SLIP_COMPRESSED is not set
> >> # CONFIG_SLIP_SMART is not set
> >> # CONFIG_SLIP_MODE_SLIP6 is not set
> >> # CONFIG_NET_RADIO is not set
> >> 
> >> 
> >> 
> >> 
> >> -- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> >> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> >
> >--
> >"Who the h*** wants to hear actors talk?" -- H.M. Warner, Warner Brothers,
> >1927
> >--
> >- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >  Jonathan Hall  *  jonhall@xxxxxxxxxxxx  *  PGP public key available
> > Systems Admin, Future Internet Services; Goessel, KS * (316) 367-2487
> >         http://www.futureks.net  *  PGP Key ID: FE 00 FD 51
> >                  -=  Running Debian GNU/Linux  =-
> >- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >
> >-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> >visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> >
> 
> -- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi

--
Floppy disk tip #5: Data access time may be greatly improved by cutting more
holes in the diskette jacket.  This will provide more simultaneous access
points to the disk.
--
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  Jonathan Hall  *  jonhall@xxxxxxxxxxxx  *  PGP public key available
 Systems Admin, Future Internet Services; Goessel, KS * (316) 367-2487
         http://www.futureks.net  *  PGP Key ID: FE 00 FD 51
                  -=  Running Debian GNU/Linux  =-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]