Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.mel.connect.com.au!news.mel.aone.net.au!news.mira.net.au!pumpkin.pangea.ca!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!feed1.news.erols.com!news.nl.innet.net!INnl.net!feed1.news.innet.be!INbe.net!stns.news.pipex.net!warm.news.pipex.net!pipex!tank.news.pipex.net!pipex!news.utell.co.uk!usenet From: brian@shift.utell.net (Brian Somers) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: IP Masquerading / pppd question. Date: 9 Jun 1997 09:35:32 GMT Organization: Awfulhak Ltd. Lines: 35 Message-ID: <5ngip4$ot9@ui-gate.utell.co.uk> References: <56C9CA986E73CBFD.44AB054E609535D9.884CF6F4EEE1F07B@library-proxy.airnews.net> <3395EAA5.1CFBAE39@FreeBSD.org> <5ndsi3$9ee$1@Venus.mcs.net> Reply-To: brian@awfulhak.org, brian@utell.co.uk NNTP-Posting-Host: shift.utell.net Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Newsreader: knews 0.9.8 Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:42635 In article <5ndsi3$9ee$1@venus.mcs.net>, Font <font.ReMoVeThIsPaRt@mcs.net> writes: > "Jordan K. Hubbard" <jkh@FreeBSD.org> writes: > >>David Henshaw wrote: >>> I would like to allow the XT to telnet directly to my ISP using the >>> FreeBSD box as a gateway. Currently this is not working. >>> >>> Can someone fill me in as to what I need to do ? > >>You need to upgrade to FreeBSD 2.2.2 and use ppp's -alias option. >>You can't do what you want to do with 2.1.5. > > On a related note, rlogin (with the insecure .rhosts) fails when using > ppp -alias fails on both the aliased and actual boxes. ppp without > -alias works fine. Can anyone offer an explanation (or workaround) > for this, or is it tcpdump time? The explaination is that the rpc protocol requires the connection to come from a know port. This is a rather feeble and anoying attempt at security..... the alias library broke this. In -current, and in 2.2 (what will be the next 2.2 release) there is now a libalias. This is Charles Motts latest library (v2.1) and includes (among lots of other goodies) the ability to keep the current port (if possible). Rlogin et al work fine. A good workaround is to use ssh (AFAIK) :) -- Brian <brian@awfulhak.org> <brian@freebsd.org> <http://www.awfulhak.org> Don't _EVER_ lose your sense of humour !