Re: [leaf-user] IP Aliasing in Bearing 1.0-RC3
On Tue, 23 Jul 2002, Russ Price wrote: > [EMAIL PROTECTED] wrote: > > I am trying to add an IP alias for a network card in Bering 1.0-RC3. > > I have tried to add the following lines to /etc/network/interfaces > > > > auto eth1:0 > > iface eth1:0 inet static > > address 192.168.1.254 > > masklen 25 > > broadcast 192.168.1.255 > > > > When I boot I get this error > > Configuring network interfaces: Cannot find device \"eth1:0\" > > > Here's what I did for such a situation: > > auto eth3 > iface eth3 inet static > address 192.168.100.10 > masklen 24 > broadcast 192.168.100.255 > up ip addr add 192.168.101.10/24 dev eth3 > up ip addr add 192.168.102.10/24 dev eth3 > up ip addr add 192.168.103.10/24 dev eth3 > down ip addr del 192.168.101.10/24 dev eth3 > down ip addr del 192.168.102.10/24 dev eth3 > down ip addr del 192.168.103.10/24 dev eth3 > > The "up" and "down" entries can also be used for other shell commands if > desired. There might be other ways of doing it that I don't know about. > If you intend to use static NAT, you can have Shorewall add these for you. Just set ADD_IP_ALIASES=Yes in /etc/shorewall/shorewall.conf and Shorewall will add an alias for each entry in /etc/shorewall/nat. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IP Aliasing in Bearing 1.0-RC3
[EMAIL PROTECTED] wrote: > I am trying to add an IP alias for a network card in Bering 1.0-RC3. > I have tried to add the following lines to /etc/network/interfaces > > auto eth1:0 > iface eth1:0 inet static > address 192.168.1.254 > masklen 25 > broadcast 192.168.1.255 > > When I boot I get this error > Configuring network interfaces: Cannot find device \"eth1:0\" Here's what I did for such a situation: auto eth3 iface eth3 inet static address 192.168.100.10 masklen 24 broadcast 192.168.100.255 up ip addr add 192.168.101.10/24 dev eth3 up ip addr add 192.168.102.10/24 dev eth3 up ip addr add 192.168.103.10/24 dev eth3 down ip addr del 192.168.101.10/24 dev eth3 down ip addr del 192.168.102.10/24 dev eth3 down ip addr del 192.168.103.10/24 dev eth3 The "up" and "down" entries can also be used for other shell commands if desired. There might be other ways of doing it that I don't know about. Russ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] IP Aliasing in Bearing 1.0-RC3
I am trying to add an IP alias for a network card in Bering 1.0-RC3. I have tried to add the following lines to /etc/network/interfaces auto eth1:0 iface eth1:0 inet static address 192.168.1.254 masklen 25 broadcast 192.168.1.255 When I boot I get this error Configuring network interfaces: Cannot find device \"eth1:0\" Can anyone see what I am doing wrong? /Tobbe --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [Leaf-user] Ip aliasing
> I have a 2.9.8 LRP and I have 3 ip addresses bound to my external > interface. I just added this to network.conf and it works great: > > IF0_IFNAME=eth0 > IF0_IPADDR=208.x.x.197 > IF0_NETMASK=255.255.254.0 > IF0_BROADCAST=208.181.73.255 > IF0_IP_SPOOF=YES > > IF1_IFNAME=eth1 > IF1_IPADDR=192.168.73.1 > IF1_NETMASK=255.255.255.0 > IF1_BROADCAST=192.168.73.255 > IF1_IP_SPOOF=YES > > IF2_IFNAME=eth0:0 > IF2_IPADDR=208.x.x.196 > IF2_NETMASK=$IF0_NETMASK > IF2_BROADCAST=$IF0_BROADCAST > IF2_IP_SPOOF=YES > > IF3_IFNAME=eth0:1 > ... Just add any extra IP's to eth0_IP_EXTRA_ADDRS: eth0_IP_EXTRA_ADDRS="208.x.x.196 ..." > Then I call my own firewall script from network_direct.conf using > ipchains and also forward to three boxes behind. Since I run a couple > of mail servers, the flexibility of NAT is very practical. You can setup static NAT translations using the 'psudo' natN interface in Dachstein... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Ip aliasing
Hi Scott and others, I'm still looking at Oxygen and Dachstein. Oxygen looks really good but it's setup didn't work well for me, and have only just looked at dachstein. But let me explain what I have been doing till now. I have a 2.9.8 LRP and I have 3 ip addresses bound to my external interface. I just added this to network.conf and it works great: IF0_IFNAME=eth0 IF0_IPADDR=208.x.x.197 IF0_NETMASK=255.255.254.0 IF0_BROADCAST=208.181.73.255 IF0_IP_SPOOF=YES IF1_IFNAME=eth1 IF1_IPADDR=192.168.73.1 IF1_NETMASK=255.255.255.0 IF1_BROADCAST=192.168.73.255 IF1_IP_SPOOF=YES IF2_IFNAME=eth0:0 IF2_IPADDR=208.x.x.196 IF2_NETMASK=$IF0_NETMASK IF2_BROADCAST=$IF0_BROADCAST IF2_IP_SPOOF=YES IF3_IFNAME=eth0:1 ... Then I call my own firewall script from network_direct.conf using ipchains and also forward to three boxes behind. Since I run a couple of mail servers, the flexibility of NAT is very practical. Looking at dachstein network.conf, I think I might be a able to accomplish the same without my script, but I am willing to work with or without it. In any case though I am not sure how to go about the 3 ip's on eth0 in dachstein. Once I get that going I can start on the pptp stuff. Any suggestions much appreciated. Thanks, Boyd -Original Message- From: Scott C. Best [mailto:[EMAIL PROTECTED]] Sent: March 4, 2002 6:18 PM To: Boyd Kelly Subject: RE: [Leaf-user] forwarding Protocal 47(gre) on Eigerstein LRP Boyd: Heya. You may be right: Oxygen is a great platform, but Dachstein is a better out-of-the-box solution. -Scott On Mon, 4 Mar 2002, Boyd Kelly wrote: > Thanks Scott, > > I've been fiddling around with the Oxygen version today. Seems like > the Dachstein will be a better bet for what I want to do. > > Will try it out tomorrow. > > Boyd > > -Original Message- > From: Scott C. Best [mailto:[EMAIL PROTECTED]] > Sent: March 4, 2002 10:42 AM > To: Lonnie Cumberland > Cc: [EMAIL PROTECTED]; Boyd Kelly > Subject: Re: [Leaf-user] forwarding Protocal 47(gre) on Eigerstein LRP > > > Lonnie, Boyd: > > Ah, serendipity. :) One email, two answers... > > To get a PPTP-based VPN client working from behind a LEAF/LRP disk, > you need to do four things (none of which is to search the email > archives, though that works too ;): > > 1. Be sure to be using a "VPN enabled kernel". Dachstein has >this by default. Earlier stuff, including 2.9.8, doesn't. >See Charles' page for the kernels. If you install a new >one, *always* install with it the associated modules. > > 2. Load the PPTP masq module: uncomment its line in /etc/modules, >backup, reboot. > > 3. Goof the firewall rules to allow protocol 47 and port 1723 >in. > > 4. Use the "ipfwd" utility (ships by default) to forward the >GRE (protocol 47) packets across the firewall. > > > As you'd expect, steps 3 & 4 are done for you automagically using the > echoWall package. > Hope this helps! > > -Scott > > > On Sun, 3 Mar 2002, Lonnie Cumberland wrote: > > > Hello, > > > > Could you please tell me how to prot forward this protocal 47 on my > > Eigerstein LRP box? > > > > I know how to forward regular ports coming in to a server behind the > > firewall, but I do not know about htis protocal 47 (gre) > > > > Thanks, > > Lonnie > > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
