Return to BSD News archive
#! rnews 3016 bsd Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.eng.convex.com!newshost.convex.com!news.duke.edu!news.mathworks.com!newsfeed.internetmci.com!howland.reston.ans.net!Germany.EU.net!zib-berlin.de!news.tu-chemnitz.de!irz401!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Help with user PPP (server) and net routing Date: 24 Jan 1996 21:09:03 GMT Organization: Private BSD site, Dresden Lines: 46 Message-ID: <4e675f$med@uriah.heep.sax.de> References: <wsuffaDLK4BC.Bwx@netcom.com> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.3 wsuffa@netcom.com (William Suffa) writes: > > I've beaten my head against the wall long enough. It's time to break down > and ask for help on configuring my FreeBSD box. The bad news for you: there's no easy way out. > ed0, SMC card at 206.64.65.2 (default gateway) connected to Cisco Router > ed1, NE2000 clone at 10.0.1.1, connected to office ethernet > We have been using the box as a shell system to achieve mail and internet > connectivity, but we would like to allow the workstations on the network > to access the 'net directly for WWW and other TCP/IP applications. At > present, we must telnet to the FreeBSD server through the ethernet (ed1), > or dialup and login to a shell account, then telnet/ftp/... to reach > the rest of the world. I have spent a good 100 hours beating on this > thing, and it doesn't want to forward IP packets between the two ethernet > interfaces, or between a PPP dialup and ed0. Here's what I've done: Your problem is that the 10.0.0.0 network is not being routed on the Internet. That's the purpose it serves... Hence your IP packets with 10.X.X.X addresses won't pass any gateway on the Internet, and any response packets for them will be immediately dropped. I think your only chance is to establish some proxy services on the FreeBSD machine that convert external to internal IP addresses and visa verse. Don't ask me how to do this however, i'm not a very big fan of firewalls and all that stuff, i rather prefer fully-routed networks and security based on The True Religion as Unix systems are able to provide. > P.S.: Can anyone tell me the best way to upgrade from this SNAP to the > current release? is it best to download the sources and recompile, or > should I start from scratch? You could take the `upgrade' route (menu item), i think. Make sure you've got reasonable backups, in particular from the stuff in /etc. The upgrade option from sysinstall suggests that it would leave the old files somewhere, but it actually doesn't. :-/ -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)