Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Help with NAT
« previous next »
Pages: [1]   Go Down

Help with NAT

  • 4 Replies
  • 557 Views

Eric

Help with NAT
« on: March 20, 2001, 11:10:37 PM »
How do I setup to run NAT instead of Squid. Ultimate goal is to allow access to Napster, AOL chat etc. I am running e-smith 4.1.1 and am very new to all of this. Thanks in advance.
Logged

roland mcintosh

Re: Help with NAT
« Reply #1 on: March 21, 2001, 02:03:43 AM »
I'm pretty sure that networked machines behind an e-smith gateway use NAT by default. If you want to use servers behind the e-smith box you'll have to setup some port-forwarding rules.

i learned a little here by searching the message archives and have done the following.

at a command line on your e-smith box (either hit Alt-F2 on the machine or enable remote SSH access and use a client such as PuTTY) and edit /etc/rc.d/rc.local - i use pico to do this.

add the following, or something like it:

#napsterfor workstation
/usr/sbin/ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.xxx 5000 -R 192.168.0.3 5000

where the xxx.xxx.xxx.xxx is your internet IP and the 192.168.0.3 is the IP of the machine you would like the port forwarded to. replace 5000 with whatever port you would like to use.

you might want to forward a few ports to each machine so they can all run napster and maybe some other p2p software at the same time.. they'll need to be unique for each machine.

this has worked for me, but i'm not sure if it is the proper "e-smith" way to do things. i think ideally templates shouldbe used, but i can't make any sense out of how that would be done.
Logged

Jean Zouki Junior

Re: Help with NAT
« Reply #2 on: March 23, 2001, 04:29:30 PM »
Let´s assume that your internal network is 192.168.1.x.

Just add the following line at the end of your rc.local file:

/sbin/ipchains -A forward -s 192.168.1.0 -j MASQ

This will allow everyone inside your network to use NAT.

If you want to to enable only certain computers, add as many lines as the number of computers you want to enable, putting each computer IP in each line, as follows:

/sbin/ipchains -A forward -s 192.168.1.3 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.5 -j MASQ
/sbin/ipchains -A forward -s 192.168.1.9 -j MASQ

This will only allow computers with IP´s 192.168.1.3 , 192.168.1.5 and 192.168.1.9 to use NAT.

(note: some prior versions of e-smith do not support the ipchains command so make sure you have e-smith 4.1.1  )

Hope that helps!

Jean Zouki Junior
Logged

Charlie Brady

Re: Help with NAT
« Reply #3 on: March 24, 2001, 06:40:17 AM »
Eric wrote:

> How do I setup to run NAT instead of Squid.

The e-smith server and gateway is configured for NAT by default.

Regards

Charlie
Logged

Charlie Brady

Re: Help with NAT
« Reply #4 on: March 24, 2001, 06:42:17 AM »
Jean Zouki Junior wrote:
>
> Let´s assume that your internal network is 192.168.1.x.
>
> Just add the following line at the end of your rc.local file:
>
> /sbin/ipchains -A forward -s 192.168.1.0 -j MASQ
>
> This will allow everyone inside your network to use NAT.

See /etc/rc.d/init.d/masq:
 
   /sbin/ipchains --append forward -j MASQ --source
       192.168.1.0/255.255.255.0 --destination 0.0.0.0/0

Charlie
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Help with NAT