Re: SCO 5.0.7 AS ROUTER
From: Jean-Pierre Radley (jpr_at_jpr.com)
Date: 05/23/05
- Next message: John DuBois: "Re: Another MMDF issue - sending full recipient mail addresses"
- Previous message: Brian K. White: "Re: SCO 5.0.7 AS ROUTER"
- In reply to: Brian K. White: "Re: SCO 5.0.7 AS ROUTER"
- Next in thread: Tom Parsons: "Re: SCO 5.0.7 AS ROUTER"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 23 May 2005 14:26:20 -0400
Brian K. White typed (on Mon, May 23, 2005 at 01:46:16PM -0400):
| From: "Jean-Pierre Radley" <jpr@jpr.com>
| > Mainak Yajnik typed (on Sun, May 22, 2005 at 09:04:41AM -0700):
| > | I refered the document mentioned above in the message,
| > |
| > | Issued the command after login as root
| > |
| > | ipnat -FC -f - <<EOF
| > | >map net0 203.112.130.18/24 - 192.168.0.227/24
| > | >EOF
| > |
| > | It still does not passon the packets from 192,168.0.227 network to the
| > | internet 203.112.130.18 is the Public IP
| >
| > I assume that net0 is for the outside NIC, not the inside 192.168 NIC.
| > If not, then you want the remapping to be on net1.
| >
| > Anyhow, you have it wrong. You want to map anything on 192.168.0 (a /24
| > network) to the single public address at 203.112.130.18. And you need
| > '->', not '-', in the map command.
| >
| > Put this into /etc/ipnat.rules:
| >
| > map net0 198.207.0.0/24 -> 203.112.130.18/32
| >
| > and run
| > /etc/ipnat -CF -f /etc/ipnat.rules
| >
| > You should put that last command into /etc/rc.d/7/* so that it runs when
| > you reboot,
|
| /etc/init.d/ipfnat already exists in the base system and it looks for
| /etc/ipnat.conf and /etc/ipf.conf
| put nat rules like above in /etc/ipnat.conf
| put firewall rules in /etc/ipf.conf
| you can run /etc/init.d/ipfnat stop/start whenever you want and symlink it
| to /etc/rc2.d/S99ipfnat so it runs at boot.
|
| So I would:
|
| echo "map net0 198.207.0.0/24 -> 203.112.130.18/32" >/etc/ipnat.conf
| ln -s /etc/init.d/ipfnat /etc/rc2.d/S99ipfnat
| /etc/init.d/ipfnat stop
| /etc/init.d/ipfnat start
|
| And from then on, edit ipnat.conf and ipf.conf to add/remove rules
| and run /etc/init.d/ipfnat stop ; /etc/init.d/ipfnat start to get changes
| into effect without rebooting.
I stayed with my entries under /etc/rc.d when I went to 5.0.7 because
said script lacks what the better rc scripts often have, namely disable
and enable options, and it also doesn't start ipmon, whose log I do look
at from time to time.
-- JP
- Next message: John DuBois: "Re: Another MMDF issue - sending full recipient mail addresses"
- Previous message: Brian K. White: "Re: SCO 5.0.7 AS ROUTER"
- In reply to: Brian K. White: "Re: SCO 5.0.7 AS ROUTER"
- Next in thread: Tom Parsons: "Re: SCO 5.0.7 AS ROUTER"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
