206 lines
6.2 KiB
HTML
206 lines
6.2 KiB
HTML
<!--startcut ======================================================= -->
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
|
<html><head>
|
|
<META NAME="generator" CONTENT="lgazmail v1.1preC">
|
|
<TITLE>The Answer Guy 33:
|
|
IP and Sendmail Masquerading over a Cablemodem</TITLE>
|
|
<!-- ORIGINAL SUBJECT:
|
|
ip masquerading
|
|
JTD SUBTITLE:
|
|
|
|
-->
|
|
</head>
|
|
|
|
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#A000A0"
|
|
ALINK="#FF0000">
|
|
<H4>"Linux Gazette...<I>making Linux just a little more fun!</I>"
|
|
</H4>
|
|
<P> <hr> <P>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<H1 align="center"><A NAME="answer">
|
|
<img src="../../gx/dennis/qbubble.gif" alt="" border="0" align="middle">
|
|
<a href="../index.html">The Answer Guy</a>
|
|
<img src="../../gx/dennis/bbubble.gif" alt="" border="0" align="middle">
|
|
</A></H1>
|
|
<BR>
|
|
<H4 align="center">By James T. Dennis,
|
|
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a>
|
|
<BR>Starshine Technical Services, <A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
|
|
</H4>
|
|
<p><hr><p>
|
|
<!--endcut ========================================================= -->
|
|
<H3><img src="../../gx/dennis/qbub.gif" alt="(?)"
|
|
width="50" height="28" align="left" border="0"
|
|
>IP and Sendmail Masquerading over a Cablemodem</H3>
|
|
<p><strong>From Marty Leisner on 22 Sep 1998 </strong></p>
|
|
<!-- begin body -->
|
|
|
|
<p><strong>
|
|
I read your column in the May LG. (I'm behind on my reading
|
|
<IMG SRC="../../gx/dennis/smily.gif" ALT=":-)" height="24" width="20"
|
|
align="middle">)
|
|
</strong></p>
|
|
|
|
|
|
<p><strong>
|
|
I recently (last month) got a cable modem and hooked up a
|
|
masquerading firewall...
|
|
</strong></p>
|
|
|
|
|
|
<p><strong>
|
|
On the firewall machine, I have the rule:
|
|
</strong></p>
|
|
|
|
|
|
<pre><strong>ipfwadm -F -p deny
|
|
ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0
|
|
</strong></pre>
|
|
|
|
|
|
<p><strong>
|
|
I got this of the IP-masquerade howto...
|
|
</strong></p>
|
|
|
|
|
|
<p><strong>
|
|
I'm not sure if its the same as the rule:
|
|
<br><code>ipfwadm -F -a accept -m -S 192.168.1.0/24 -D any</code>
|
|
</strong></p>
|
|
|
|
|
|
<blockquote><img src="../../gx/dennis/bbub.gif" alt="(!)"
|
|
width="50" height="28" align="left" border="0"
|
|
>Mine is similar, all 253 of the 192.168.1.* through the
|
|
192.168.254.* class C address blocks are reserved for
|
|
"private net" addressing (use behind proxying firewalls,
|
|
masquerading/NAT (network address translation) routers,
|
|
and on disconnected LAN's).
|
|
</blockquote>
|
|
|
|
|
|
<blockquote>
|
|
I've heard conflicting reports about using 192.168.0.* and
|
|
192.168.255.* (the first and the last of this range).
|
|
So I don't recommend it. If you needed a very large network
|
|
of "private net" (RFC 1918 --- aka RFC 1597) addresses you
|
|
could also use 172.16.*.* through 172.31.*.* --- that's
|
|
sixteen adjacent class B networks, or your could use
|
|
10.*.*.* --- a full class A.
|
|
</blockquote>
|
|
|
|
|
|
|
|
<p><strong><img src="../../gx/dennis/qbub.gif" alt="(?)"
|
|
width="50" height="28" align="left" border="0"
|
|
>Also, you sendmail .mc:
|
|
</strong></p>
|
|
|
|
|
|
|
|
<pre><strong>
|
|
-- FEATURE(always_add_domain)dnl
|
|
FEATURE(allmasquerade)dnl
|
|
FEATURE(always_add_domain)dnl
|
|
FEATURE(masquerade_envelope)dnl
|
|
MASQUERADE_AS($YOURHOST)dnl
|
|
</strong></pre>
|
|
|
|
|
|
|
|
<p><strong>
|
|
adds always_add_domain twice...
|
|
</strong></p>
|
|
|
|
|
|
|
|
<blockquote><img src="../../gx/dennis/bbub.gif" alt="(!)"
|
|
width="50" height="28" align="left" border="0"
|
|
>That's just a typo.
|
|
</blockquote>
|
|
|
|
|
|
<p><strong><img src="../../gx/dennis/qbub.gif" alt="(?)"
|
|
width="50" height="28" align="left" border="0"
|
|
>Is $YOURHOST defined someplace (I just went through the work
|
|
of configuring sendmail a few weeks ago).
|
|
</strong></p>
|
|
|
|
|
|
<blockquote><img src="../../gx/dennis/bbub.gif" alt="(!)"
|
|
width="50" height="28" align="left" border="0"
|
|
>I used $YOURHOST as a marker for my readers to fill in
|
|
with <EM>their</EM> sendmail name. Mine is "starshine.org"
|
|
--- yours is a subdomain off of "rr.com" I expected
|
|
people to clue into that; though I probably should
|
|
explicitly pointed it out.
|
|
</blockquote>
|
|
|
|
|
|
|
|
<p><strong><img src="../../gx/dennis/qbub.gif" alt="(?)"
|
|
width="50" height="28" align="left" border="0"
|
|
>The Feynman problem solving Algorithm
|
|
</strong></p>
|
|
<strong><ol>
|
|
<li>Write down the problem
|
|
<li>Think real hard
|
|
<li>Write down the answer
|
|
</ol></strong>
|
|
<p><strong>
|
|
--- Murray Gell-mann in the NY Times
|
|
</strong></p>
|
|
|
|
|
|
|
|
<blockquote><img src="../../gx/dennis/bbub.gif" alt="(!)"
|
|
width="50" height="28" align="left" border="0"
|
|
>He forgot to show his work in step two!
|
|
</blockquote>
|
|
<!-- end body -->
|
|
<!--startcut ======================================================= -->
|
|
<P> <hr> <P>
|
|
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
|
|
>Copyright ©</a> 1998, James T. Dennis <BR>
|
|
Published in <I>Linux Gazette</I> Issue 33 October 1998</H5>
|
|
<P> <hr> <P>
|
|
<!--::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<table width="98%"><tr valign="center" align="center">
|
|
<td rowspan="3"><A HREF="../lg_answer33.html"><IMG
|
|
SRC="../../gx/dennis/answernew.gif"
|
|
ALT="[ Answer Guy Index ]"></A></td>
|
|
<td><A HREF="floppy.html">floppy</a>
|
|
<td><A HREF="autocad.html">autocad</a>
|
|
<td><A HREF="scsi.html">scsi</a>
|
|
<td><A HREF="samba_pdc.html">samba_pdc</a>
|
|
<td><A HREF="virthost.html">virthost</a>
|
|
</tr><tr valign="center" align="center">
|
|
<td><A HREF="emacs_cc.html">emacs_cc</a>
|
|
<td><A HREF="ipmasq.html">ipmasq</a>
|
|
<td><A HREF="tty.html">tty</a>
|
|
<td><A HREF="shuffle.html">shuffle</a>
|
|
<td><A HREF="connect.html">connect</a>
|
|
</tr><tr valign="center" align="center">
|
|
<td><A HREF="hostavail.html">hostavail</a>
|
|
<td><A HREF="desqview.html">desqview</a>
|
|
<td><A HREF="catch22.html">catch22</a>
|
|
<td><A HREF="thanks2.html">thanks2</a>
|
|
<td><A HREF="typo.html">typo</a>
|
|
</tr></table>
|
|
<P> <hr> <P>
|
|
<!--::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<A HREF="../index.html"><IMG SRC="../../gx/indexnew.gif"
|
|
ALT="[ Table Of Contents ]"></A>
|
|
<A HREF="../../index.html"><IMG SRC="../../gx/homenew.gif"
|
|
ALT="[ Front Page ]"></A>
|
|
<A HREF="../lg_bytes33.html"><IMG SRC="../../gx/back2.gif"
|
|
ALT="[ Previous Section ]"></A>
|
|
<A HREF="../vrenios.html"><IMG SRC="../../gx/fwd.gif"
|
|
ALT="[ Next Section ]"></A>
|
|
<!--::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
</body>
|
|
</html>
|
|
<!--endcut ========================================================= -->
|
|
|
|
|