Sharing ppp connection with wlan interface

Sharing ppp connection with wlan interface

[Vinícius Massuchetto]

Dear all.

I'm on Debian Sid, and I've been trying to serve a 
ppp0 internet connection through a wireless 
network. I made a small script to be ran when i 
want to do that:

ifdown wlan0
iwconfig wlan0 essid "VinaNET" mode Ad-Hoc
ifconfig wlan0 192.168.0.254
echo 1 > /proc/sys/net/ipv4/ip_forward
/etc/init.d/dnsmasq stop
/etc/init.d/dnsmasq start
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

The script goes just fine and the client computer 
can see the wireless network but can't connect, it 
only keeps trying:

DHCPDISCOVER on ath0 to 255.255.255.255 port 67 
interval x

Here's my dnsmasq.conf file:

domain-needed
bogus-priv
interface=wlan0
dhcp-range=192.168.0.1,192.169.0.100,12h

I'm not quite sure if that's an iptables or a 
dnsmasq problem.

Thanks!
--
Vinícius Massuchetto
http://vinicius.soylocoporti.org.br

Re: Sharing ppp connection with wlan interface

[Vinícius Massuchetto]

Thanks for helping.

This tutorial says to pass ppp0 as the argument to -o.
http://wiki.archlinux.org/index.php/Sharing_ppp_connection_with_wlan_interface

Anyway, here's the syslog output for your 
correction on the routing computer.

vinicius:/home/vinicius# tail -f /var/log/syslog
Sep 20 19:04:06 vinicius kernel: [ 5818.151404] 
wlan0: Selected IBSS BSSID 0e:e6:ed:86:81:f0 based 
on configured SSID
Sep 20 19:04:07 vinicius dnsmasq[6760]: exiting on 
receipt of SIGTERM
Sep 20 19:04:07 vinicius dnsmasq[6796]: started, 
version 2.50 cachesize 150
Sep 20 19:04:07 vinicius dnsmasq[6796]: compile 
time options: IPv6 GNU-getopt DBus I18N DHCP TFTP
Sep 20 19:04:07 vinicius dnsmasq-dhcp[6796]: DHCP, 
IP range 192.168.0.1 -- 192.169.0.100, lease time 12h
Sep 20 19:04:07 vinicius dnsmasq[6796]: reading 
/etc/resolv.conf
Sep 20 19:04:07 vinicius dnsmasq[6796]: using 
nameserver 201.10.128.2#53
Sep 20 19:04:07 vinicius dnsmasq[6796]: using 
nameserver 201.10.120.2#53
Sep 20 19:04:07 vinicius dnsmasq[6796]: read 
/etc/hosts - 7 addresses
Sep 20 19:04:36 vinicius kernel: [ 5848.153079] 
wlan0: No active IBSS STAs - trying to scan for 
other IBSS networks with same SSID (merge)
Sep 20 19:04:39 vinicius kernel: [ 5850.890322] 
wlan0: Selected IBSS BSSID 66:fb:fa:09:25:ca based 
on configured SSID
Sep 20 19:05:09 vinicius kernel: [ 5880.892160] 
wlan0: No active IBSS STAs - trying to scan for 
other IBSS networks with same SSID (merge)
Sep 20 19:05:12 vinicius kernel: [ 5883.608162] 
wlan0: Selected IBSS BSSID 0e:e6:ed:86:81:f0 based 
on configured SSID
Sep 20 19:05:42 vinicius kernel: [ 5913.612171] 
wlan0: No active IBSS STAs - trying to scan for 
other IBSS networks with same SSID (merge)

[snipped the repetitive rest]

Vinicius

Brian Austin - Standard Universal escreveu:
> no expert, but i think you masq the wrong conx?
> 
> iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
> 
> also
> 
> tail -f /var/log/syslog on the routing pc and see what dhcp is saying.
> 
> 
> 
> Vinícius Massuchetto wrote:
>> Dear all.
>>
>> I'm on Debian Sid, and I've been trying to serve a ppp0 internet 
>> connection through a wireless network. I made a small script to be ran 
>> when i want to do that:
>>
>> ifdown wlan0
>> iwconfig wlan0 essid "VinaNET" mode Ad-Hoc
>> ifconfig wlan0 192.168.0.254
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>> /etc/init.d/dnsmasq stop
>> /etc/init.d/dnsmasq start
>> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>>
>> The script goes just fine and the client computer can see the wireless 
>> network but can't connect, it only keeps trying:
>>
>> DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval x
>>
>> Here's my dnsmasq.conf file:
>>
>> domain-needed
>> bogus-priv
>> interface=wlan0
>> dhcp-range=192.168.0.1,192.169.0.100,12h
>>
>> I'm not quite sure if that's an iptables or a dnsmasq problem.
>>
>> Thanks!
>> -- 
>> Vinícius Massuchetto
>> http://vinicius.soylocoporti.org.br
>> -- 
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html

I want to connect a PC from Internet to my LAN (Asterisk server)

[Juan Cardoza]

Hello I am been looking in the internet but no one option have worked.
I want to connect my xlite softphone through the firewall that have an specific IP (xx.xx.xx.xx), the firewall is reached from the internet, I can connect to the firewall via tridia without any problem.

Now I want to connect my softphone to the asterisk server into the lan, the server have the ip (yy.yy.yy.yy)
In first place I want to allow all port from the asterisk to the remote softphone to check all the services.

Is there a way to configure this requirement into the firewall to let the softphone to connect to the asterisk server passing trough the firewall.
The softphone have the ip address zz.zz.zz.zz, so the connection would be:

zz.zz.zz.zz ----> xx.xx.xx.xx ------> yy.yy.yy.yy
yy.yy.yy.yy ----> xx.xx.xx.xx ------> zz.zz.zz.zz

Please let me know if someone can send me some information about how to do this changes.
Thanks for your help.

Re: Sharing ppp connection with wlan interface

[Vinícius Massuchetto]

I don't know.

What exactly this means?
Sep 20 19:04:36 vinicius kernel: [ 5848.153079] 
wlan0: No active IBSS STAs - trying to scan for 
other IBSS networks with same SSID (merge)
Sep 20 19:04:39 vinicius kernel: [ 5850.890322] 
wlan0: Selected IBSS BSSID 66:fb:fa:09:25:ca based 
on configured SSID

Vinicius

Brian Austin - Standardknit escreveu:
> looks like dns server not getting the requests from client?
> 
> 
> 
> -----Original Message -----
> From: Vinícius Massuchetto
> Sent: 21/09/2009 8:19 AM
>> Thanks for helping.
>>
>> This tutorial says to pass ppp0 as the argument to -o.
>> http://wiki.archlinux.org/index.php/Sharing_ppp_connection_with_wlan_interface 
>>
>>
>> Anyway, here's the syslog output for your correction on the routing 
>> computer.
>>
>> vinicius:/home/vinicius# tail -f /var/log/syslog
>> Sep 20 19:04:06 vinicius kernel: [ 5818.151404] wlan0: Selected IBSS 
>> BSSID 0e:e6:ed:86:81:f0 based on configured SSID
>> Sep 20 19:04:07 vinicius dnsmasq[6760]: exiting on receipt of SIGTERM
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: started, version 2.50 
>> cachesize 150
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: compile time options: IPv6 
>> GNU-getopt DBus I18N DHCP TFTP
>> Sep 20 19:04:07 vinicius dnsmasq-dhcp[6796]: DHCP, IP range 
>> 192.168.0.1 -- 192.169.0.100, lease time 12h
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: reading /etc/resolv.conf
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: using nameserver 201.10.128.2#53
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: using nameserver 201.10.120.2#53
>> Sep 20 19:04:07 vinicius dnsmasq[6796]: read /etc/hosts - 7 addresses
>> Sep 20 19:04:36 vinicius kernel: [ 5848.153079] wlan0: No active IBSS 
>> STAs - trying to scan for other IBSS networks with same SSID (merge)
>> Sep 20 19:04:39 vinicius kernel: [ 5850.890322] wlan0: Selected IBSS 
>> BSSID 66:fb:fa:09:25:ca based on configured SSID
>> Sep 20 19:05:09 vinicius kernel: [ 5880.892160] wlan0: No active IBSS 
>> STAs - trying to scan for other IBSS networks with same SSID (merge)
>> Sep 20 19:05:12 vinicius kernel: [ 5883.608162] wlan0: Selected IBSS 
>> BSSID 0e:e6:ed:86:81:f0 based on configured SSID
>> Sep 20 19:05:42 vinicius kernel: [ 5913.612171] wlan0: No active IBSS 
>> STAs - trying to scan for other IBSS networks with same SSID (merge)
>>
>> [snipped the repetitive rest]
>>
>> Vinicius
>>
>> Brian Austin - Standard Universal escreveu:
>>> no expert, but i think you masq the wrong conx?
>>>
>>> iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
>>>
>>> also
>>>
>>> tail -f /var/log/syslog on the routing pc and see what dhcp is saying.
>>>
>>>
>>>
>>> Vinícius Massuchetto wrote:
>>>> Dear all.
>>>>
>>>> I'm on Debian Sid, and I've been trying to serve a ppp0 internet 
>>>> connection through a wireless network. I made a small script to be 
>>>> ran when i want to do that:
>>>>
>>>> ifdown wlan0
>>>> iwconfig wlan0 essid "VinaNET" mode Ad-Hoc
>>>> ifconfig wlan0 192.168.0.254
>>>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>>> /etc/init.d/dnsmasq stop
>>>> /etc/init.d/dnsmasq start
>>>> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>>>>
>>>> The script goes just fine and the client computer can see the 
>>>> wireless network but can't connect, it only keeps trying:
>>>>
>>>> DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval x
>>>>
>>>> Here's my dnsmasq.conf file:
>>>>
>>>> domain-needed
>>>> bogus-priv
>>>> interface=wlan0
>>>> dhcp-range=192.168.0.1,192.169.0.100,12h
>>>>
>>>> I'm not quite sure if that's an iptables or a dnsmasq problem.
>>>>
>>>> Thanks!
>>>> -- 
>>>> Vinícius Massuchetto
>>>> http://vinicius.soylocoporti.org.br
>>>> -- 
>>>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>>>> the body of a message to majordomo@vger.kernel.org
>>>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

Re: I want to connect a PC from Internet to my LAN (Asterisk server)

[Richard Horton]

2009/9/21 Juan Cardoza <ing.jcardoza@gmail.com>:
> Hello I am been looking in the internet but no one option have worked.
> I want to connect my xlite softphone through the firewall that have an specific IP (xx.xx.xx.xx), the firewall is reached from the internet, I can connect to the firewall via tridia without any problem.
>

Assuming the softphone can route traffic to the pbx (or atleast to the
firewall which can then reach the pbx) have a look at using the SNAT
features to change the xx address to the firewall's address (assuming
you need nat)- as SNAT does stateful tracking replies should get
translated back to the correct address. As I rarely need to use SNAT
I'll leave finding the correct options to you (my brain is suffering
lack of coffee).

If you don't need NAT then just add the appropriate rules (probably
along the lines of the following assuming you have multiport matching)
iptables -t FORWARD -s xx.xx.xx.xx -d yy.yy.yy.yy -m mport --dports
<port list> -j ACCEPT

iptables -t FORWARD -d xx.xx.xx.xx -s yy.yy.yy.yy -m mport --dports
<port list> -j ACCEPT



-- 
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the
host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery