Re: [m0n0wall] PLEASE MARK THIS AS A BUG!!!... Problems using multiple IP addresses on m0n0wall

From:	Kristinn Soffanias Runarsson <soffanias at gmail dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] PLEASE MARK THIS AS A BUG!!!... Problems using multiple IP addresses on m0n0wall
Date:	Sun, 13 Feb 2005 03:25:52 +0000
Yes... and you are aware that m0n0wall is a work in progress?  How
about accusing these fine people a little bit less and reading a
little more?

Better yet, if you go and buy a commercial box, see if you can BUY A CLUE.

Kindest regards,
-soffi-



On Wed, 9 Feb 2005 09:58:54 -0700, Travis Zadikem
<tzadikem at picosecond dot com> wrote:
> FreeBSDism.  That doesn't appear to be a problem with IPCOP.  I was making a
> point that if you are going to put an alias field into a web interface that
> doesn't work correctly then why put it into there.  I have the m0n0wall book
> and this is not something that is in there as an issue.  It's not that I
> don't "get it" its the idea of having something that works correctly free
> and/or not free.  I just searched thru some archives and see that this has
> come up before, but has never been put in as a bug to get fixed.  Well, I am
> asking that this be put in a something to get fixed.  There is nothing more
> frustrating then asking (if you check back a few months) about the alias in
> m0n0wall and no one saying that you had to run the extra command to fix it,
> but that it does "WORK!!"
> 
> -----Original Message-----
> From: Josh McAllister [mailto:josh at bluehornet dot com]
> Sent: Wednesday, February 09, 2005 9:44 AM
> To: Travis Zadikem; Robert Staph; m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] PLEASE MARK THIS AS A BUG!!!... Problems using
> multiple IP addresses on m0n0wall
> 
> Nice rant... by all means, feel free to dump m0n0 and pay for a
> commercial product simply because you don't get it.
> 
> It's NOT a bug, it's a FreeBSD-ism.
> 
> http://www.daemonnews.org/199911/answerman.html#alias_netmask
> 
> Relax!
> 
> Josh McAllister
> 
> -----Original Message-----
> From: Travis Zadikem [mailto:tzadikem at picosecond dot com]
> Sent: Wednesday, February 09, 2005 9:31 AM
> To: 'Robert Staph'; m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] PLEASE MARK THIS AS A BUG!!!... Problems using
> multiple IP addresses on m0n0wall
> Importance: High
> 
> You have got to be kidding!!? This worked.  Why in the world does the
> interface
> not work right with this?  It is things like this that just really make
> an
> IT Admin
> want to use commercial and/or other products.  I really really
> appreciate
> your help
> and would like to get this put in as BUG and also fixed ASAP.  We do
> development here
> and the philosophy is if it doesn't work then don't put it in and/or
> make it
> an option until it is tested and works.
> 
> -----Original Message-----
> From: Robert Staph [mailto:rstaph at digitalimpreza dot com]
> Sent: Wednesday, February 09, 2005 9:08 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Problems using multiple IP addresses on m0n0wall
> 
> you'll need to use netmask of 255.255.255.255 and enter one alias for
> each
> external IP.
> 
> -Rob
> 
> ----- Original Message -----
> From: "Travis Zadikem" <tzadikem at picosecond dot com>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Wednesday, February 09, 2005 10:53 AM
> Subject: RE: [m0n0wall] Problems using multiple IP addresses on m0n0wall
> 
> > Here is my status.php
> > xl2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> > options=1<RXCSUM>
> > inet 64.207.38.2 netmask 0xfffffff0 broadcast 64.207.38.15
> > ether 00:50:da:d6:56:95
> > media: Ethernet autoselect (100baseTX <full-duplex>)
> > status: active
> >
> > so I ran the following on the exec.php page:
> > /sbin/ifconfig xl2 64.207.38.4 netmask 0xfffffff0 alias
> >
> > and got the following:
> > $ /sbin/ifconfig xl2 64.207.38.4 netmask 0xfffffff0 alias
> > ifconfig: ioctl (SIOCAIFADDR): File exists
> >
> > -----Original Message-----
> > From: Robert Staph [mailto:rstaph at digitalimpreza dot com]
> > Sent: Wednesday, February 09, 2005 8:16 AM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: Re: [m0n0wall] Problems using multiple IP addresses on
> m0n0wall
> >
> >
> > goto your-mono-ip/status.php and look in the "interfaces" section and
> make
> > sure its aliased the other external IPs on the WAN interface.  I'm
> > guessing
> > you're using the generic-pc m0n0wall image?
> >
> > example from my config:
> >
> > bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> > options=3<RXCSUM,TXCSUM>
> > inet x.y.z.202 netmask 0xfffffff8 broadcast x.y.z.207
> > inet x.y.z.203 netmask 0xffffffff broadcast x.y.z.203
> > inet x.y.z.204 netmask 0xffffffff broadcast x.y.z.204
> > inet x.y.z.205 netmask 0xffffffff broadcast x.y.z.205
> > inet x.y.z.206 netmask 0xffffffff broadcast x.y.z.206
> > ether 00:10:18:0b:68:91
> > media: Ethernet autoselect (100baseTX <full-duplex>)
> > status: active
> >
> > if you don't have more than just one line here, goto
> your-mono-ip/exec.php
> > and enter:
> >
> > /sbin/ifconfig bge0 x.y.z.a netmask 255.255.255.255 alias
> >
> > (replacing the bge0 with your WAN interface name and the x.y.z.a with
> one
> > of
> > your external IPs that isn't working)
> >
> >
> >
> > Now if everything works fine with that IP address, the fix is to edit
> your
> > conifg.xml by hand and to add something like:
> >
> > <shellcmd>/sbin/ifconfig bge0 x.y.z.a netmask 255.255.255.255
> > alias</shellcmd>
> >
> > (again, replacing the bge0 with your WAN interface name and the
> x.y.z.a
> > with
> > one of your external IPs.  repeat as needed and make sure to place
> these
> > <shellcmd></shellcmd> lines somewhere in the <system></system> area.
> >
> > -Rob
> >
> > ----- Original Message -----
> > From: "Travis Zadikem" <tzadikem at picosecond dot com>
> > To: "Monowall (E-mail)" <m0n0wall at lists dot m0n0 dot ch>
> > Sent: Wednesday, February 09, 2005 10:01 AM
> > Subject: [m0n0wall] Problems using multiple IP addresses on m0n0wall
> >
> >
> >> Can someone please tell me why m0n0wall 1.11 is having problems with
> my
> >> multiple IP addresses?
> >> I have DNS setup with 2 IP address (64.207.38.4 and 64.207.38.2)  My
> main
> >> WAN IP address on our firewall
> >> is 64.207.38.2
> >> In the aliases on the firewall I have the following:
> >> mail  64.207.38.4  Mail1
> >> web  64.207.38.2   Mail2
> >>
> >> My NAT has the following:
> >>
> >> WAN  TCP  25 (SMTP)  192.168.1.160
> >> (ext.: 64.207.38.4)  25 (SMTP)  SMTP to Mail2
> >> WAN  TCP  25 (SMTP)  192.168.1.55  25 (SMTP)
> >> WAN  TCP  80 (HTTP)  192.168.1.160  80 (HTTP)
> >> WAN  TCP  110 (POP3)  192.168.1.55  110 (POP3)
> >> WAN  TCP  443 (HTTPS)  192.168.1.160  443 (HTTPS)  Webmail on new
> mail
> >> server
> >> WAN  TCP/UDP  143 (IMAP)  192.168.1.55  143 (IMAP)
> >>
> >> Externally I can telnet to port 25 of 64.207.38.2 and it works just
> fine.
> >> I
> >> can
> >> not telnet to port 25 of 64.207.38.4 or port 110 or port 143 but I
> can
> >> from
> >> inside the firewall.  What appears to be the problem??
> >>
> >> Travis
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >>
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>