[ previous ] [ next ] [ threads ]
 
 From:  "David Kitchens" <spider at webweaver dot com>
 To:  "'ubi de feo'" <ubi at twodotone dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] many problems with... - could somebody please clear this?
 Date:  Tue, 25 May 2004 21:20:32 -0400
Ubi,
Sometimes the message gets lost in the complexity of the question, lol. Me
not having a clue what sip-spoof was till googleing a min ago, didn't help
either. I don't know why you would need both Speedtouch devices AND the
monowall but here is my assumption.  Since monowall does not know how to use
sip-spoof, you will likely need to get your connection to the web using one
or both of the speedtouch devices. Turn off most of the functions in those
things, you don't want any firewalling there as you said. Once you have a
working connection to the world, put any internal ip, ie: 10.0.0.1, on the
lan side of that device. You can then either set your monowall wan ip to
10.0.0.2 with dns from the isp or use dhcp on the lan of the speedtouch to
give the appropriate info to the wan of mono. The mono wan gateway will be
the lan of the speedtouch. Then configure the monowall with any firewall
rules you want. You should never have to make use of exec.php to set routes,
to make any change that you want on reboot, you would have to make a custom
image that has your changes. 

(((THE WORLD)))

	||

thomson speedtouch with sip-spoof

external static ip 213.84.18.xxx, DNS and gateway set to ISP
Internal eth ip address 10.0.0.138

	||

Monowall/4801

External static ip 10.0.0.xxx, DNS set to ISP and gateway set to 10.0.0.138
Internal eth ip 192.168.0.1

Setup dhcp for internal clients, the mono should give itself to the clients
as dns. Set any other firewall rules and you should be golden.

	||

(((YOUR WORLD)))

Hope that helps, 
Dave




> On May 21, 2004, at 10:37 AM, ubi de feo wrote:
> 
> > hi, guys.
> > i'd like to start saying i'm not  a linux network/firewall expert.
> > i use linux since 1 year ago.
> >
> > i really need somebody to help me out with this.
> > it's turning me nuts.
> >
> > i bought a soekris net4801 to make a firewall out of it.
> > my internet connection is an ADSL from KPN (netherlands).
> > i have 2 routers.
> >
> > speedtouch 510(i)
> > speedtouch 510(i4)
> >
> > these 2 pieces of crap have an internal firewall.
> > after 2 days working on it, i was able to make both dhcp-spoof 
> > sip-spoof working.
> > now, it's not that i couldn't try on other machines, since i have 2 
> > win pc's, 2 linux boxes, 2 macs (os 10.3).
> > the only thing not working is the net4801 and m0n0wall
> >
> > u're sure wondering what the issue is.
> > here i come.
> >
> > when i have dhcp-spoof active, all the computers get 
> everything from 
> > the dhcp, except m0n0wall.
> > same when i use sip-spoof.
> > now, how can this be?
> >
> > here's my configuration
> >
> > thomson speedtouch with sip-spoof
> > eth ip address 10.0.0.138
> >
> > external static ip 213.84.18.xxx
> > subnet 255.255.255.255
> >
> > ISP dns1 194.109.104.104
> > ISP dns2 194.109.6.66
> >
> > ISP gateway 195.190.241.27
> >
> >
> >
> > everything works on computers if i set
> >
> > the static ip to the external one
> > the subnet to 255.255.255.255
> > the gateway to 10.0.0.138
> > the DNS's to the ISP ones
> >
> > that works seamlessly on Mac,PC
> > with the only need of this on Linux
> >
> > route add 10.0.0.138 dev eth0
> > route add default gw 10.0.0.138
> >
> > but no way to make it work on the m0n0wall.
> >
> > instead if i put my m0n0wall box inside another router that 
> works as a 
> > firewall and gives every client DHCP data, the box gets 
> everything and 
> > works, but in this case its IP is 10.0.0.x and the same for DNS and 
> > gateway to me it's just a problem of routing and rules.
> > only i don't know how to make route additions, maybe.
> >
> > first i need to set the netmask to 32, so i have to make it in the 
> > exec.php page because of the typo in the php that has 31 as the 
> > maximum.
> > so, what i type in the exec.php page is
> >
> > ifconfig sis0 213.84.18.xxx netmask 255.255.255.255 broadcast
> > 255.255.255.255
> > route add 10.0.0.138 213.84.18.xxx
> > route add default 10.0.0.138
> >
> > anyway, everytime i reboot the machine, these routes get lost. why?
> >
> > now...
> > does anybody have any suggestion on how to make this work on my 
> > m0n0wall?
> > plus...
> > do i need to set any special RULE for the WAN interface to see the 
> > DNS's and the Gateway?
> > please, help me out
> >
> > thanx a lot
> >
> > ciao.ubi