IP Addresses

David lists at systems-go.com.au
Thu Oct 28 13:31:38 UTC 2004



> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Stewart Nelson
> Sent: Thursday, 28 October 2004 19:25
> To: fedora-list at redhat.com
> Subject: Re: IP Addresses
> 
> 
> On Thu, October 28, 2004 12:54, Chris Marsh said:
> 
> >> Now, I'm setting up an FC2 box to act as my website and Email server.
> >> I want to take over from the Hosting Company.
> >>
> >> Currently, my FC2 Box is connected via the ADSL Modem and has the IP
> >> Address 10.0.0.3. My problem is, how do I 'see' this box from the
> >> internet?
> 
> > You need to change the settings of your router to forward certain
> > ports. e.g. for your web server, the router has to forward port 80 to
> > 10.0.0.3.
> 
> You need to be sure that the FC2 box always gets the same 
> private address. In your present system, after a power 
> failure, you might have the FC2 box at, say, 10.0.0.2.  One 
> way is to manually assign FC2 a static IP, e.g. 10.0.0.140, 
> that is outside of the range handed out by DHCP.  Or, if your 
> modem/router supports static DHCP, set it so that the NIC of 
> your FC2 (identified by its MAC address) always gets the same IP.


I'm guessing that you have a SpeedTouch 510 or 530...  Log on via the Browser
and save the SpeedTouch configuration to a connected PC (OS does not
matter).  The file saved is a standard name.  Rename it so you remember this
is your known working configuration.  If / when you load a configuration
that does not work, you can, if all else fails, do a factory defaults reset
and load this working configuration file to get back where you were.

Take a copy of the file and edit to change the configuration to what you
want. Then just load the new configuration file.  You can change anything
through the config file, but only a subset of things via the friendly menus.
Of course you can also telnet to the Speedtouch and use the command line
configuration, but editing the config file and reloading is easier... it
just lacks the syntax checking.  W/r this, you can download the manuals from
the manufacturer's web site... If you look carefully, you'll get the command
line manual as well.  This will give you a much better understanding of the
config file items.  Here's the default config file with my account name and
password changed for obvious reasons :-)

--------
[ language.ini ]
config language=en

[ script.ini ]
add name=autopvc_add_qos index=0 command="qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes"
add name=autopvc_delete_qos index=0 command="qosbook delete name _auto_$1_$2"
add name=autopvc_add_bridge index=0 command="qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes"
add name=autopvc_add_bridge index=1 command="phonebook add name _auto_$1_$2 addr $1.$2 type any dynamic yes"
add name=autopvc_add_bridge index=2 command="bridge ifadd intf _auto_$1_$2 dest _auto_$1_$2"
add name=autopvc_add_bridge index=3 command="bridge ifconfig intf _auto_$1_$2 qos _auto_$1_$2"
add name=autopvc_add_bridge index=4 command="bridge ifattach intf _auto_$1_$2"
add name=autopvc_delete_bridge index=0 command="bridge ifdetach intf _auto_$1_$2"
add name=autopvc_delete_bridge index=1 command="bridge ifdelete intf _auto_$1_$2"
add name=autopvc_delete_bridge index=2 command="phonebook delete name _auto_$1_$2"
add name=autopvc_delete_bridge index=3 command="qosbook delete name _auto_$1_$2"
add name=autopvc_add_pppoerelay index=0 command="qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes"
add name=autopvc_add_pppoerelay index=1 command="phonebook add name _auto_$1_$2 addr $1.$2 type any dynamic yes"
add name=autopvc_add_pppoerelay index=2 command="ethoa ifadd intf _auto_$1_$2 dest _auto_$1_$2"
add name=autopvc_add_pppoerelay index=3 command="ethoa ifconfig intf _auto_$1_$2 qos _auto_$1_$2"
add name=autopvc_add_pppoerelay index=4 command="ethoa ifattach intf _auto_$1_$2"
add name=autopvc_add_pppoerelay index=5 command="ip ifwait intf _auto_$1_$2 timeout 15 adminstatus up"
add name=autopvc_add_pppoerelay index=6 command="pppoe relay add port _auto_$1_$2"
add name=autopvc_delete_pppoerelay index=0 command="pppoe relay delete port _auto_$1_$2"
add name=autopvc_delete_pppoerelay index=1 command="ethoa ifdetach intf _auto_$1_$2"
add name=autopvc_delete_pppoerelay index=2 command="ethoa ifdelete intf _auto_$1_$2"
add name=autopvc_delete_pppoerelay index=3 command="phonebook delete name _auto_$1_$2"
add name=autopvc_delete_pppoerelay index=4 command="qosbook delete name _auto_$1_$2"
add name=autopvc_change_qos index=0 command="$$1 ifdetach intf $2"
add name=autopvc_change_qos index=1 command="$$1 ifconfig intf $2 qos $3"
add name=autopvc_change_qos index=2 command="$$1 ifattach intf $2"
add name=autopvc_change_qos_pppoerelay index=0 command="ethoa ifdetach intf $1"
add name=autopvc_change_qos_pppoerelay index=1 command="ethoa ifconfig intf $1 qos $2"
add name=autopvc_change_qos_pppoerelay index=2 command="ethoa ifattach intf $1"
add name=autopvc_change_qos_pppoerelay index=3 command="pppoe relay add port $1"
add name=autopvc_change_qos_pppoeethoa index=0 command="ethoa ifdetach intf $1"
add name=autopvc_change_qos_pppoeethoa index=1 command="ethoa ifconfig intf $1 qos $2"
add name=autopvc_change_qos_pppoeethoa index=2 command="ethoa ifattach intf $1"
add name=autopvc_change_qos_pppoeethoa index=3 command="pppoe ifattach intf $3"
add name=autopvc_change_qos_pppoa index=0 command="pppoa ifdetach intf $1"
add name=autopvc_change_qos_pppoa index=1 command="ip ifwait intf $1 timeout 5 adminstatus down"
add name=autopvc_change_qos_pppoa index=2 command="pppoa ifconfig intf $1 qos $2"
add name=autopvc_change_qos_pppoa index=3 command="pppoa ifattach intf $1"

[ env.ini ]
set var=CONF_REGION value=Australia
set var=CONF_PROVIDER value=BigPond
set var=CONF_DESCRIPTION value="BigPond defaults"
set var=CONF_SERVICE value="Router,PPPoA,DHCP,NAT,VPI/VCI 8/35"
set var=CONF_DATE value="Configuration modified manually"
set var=HOST_SETUP value=auto
set var=UPGRADE_URL value=http://www.speedtouch.com/upgrade500.htm
set var=COLUMNS value=80
set var=ROWS value=24
set var=SESSIONTIMEOUT value=120
set var=CONF_TPVERSION value=1.2.0

[ wizard.ini ]

[ snmp.ini ]
config sysContact="Service Provider" sysName="SpeedTouch 510" sysLocation="Customer Premises"

[ phone.ini ]
add name=telstra addr=8*35 type=pppoa

[ qos.ini ]
config format=bytes
add name=default class=ubr

[ oam.ini ]
config clp=1 loopbackid=6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a
mode port=dsl0 blocking=enabled
mode port=dsl1 blocking=enabled
mode port=atm2 blocking=enabled
mode port=atm3 blocking=enabled
mode port=aal5 blocking=enabled
mode port=atm5 blocking=enabled

[ pfirewall.ini ]
chain create chain=source
chain create chain=forward
chain create chain=sink
rule create chain=source index=0 dstintfgrp=!wan action=accept
rule create chain=source index=1 prot=udp dstport=dns action=accept
rule create chain=source index=2 prot=udp dstport=bootps action=accept
rule create chain=source index=3 action=drop
rule create chain=forward index=0 srcintfgrp=wan dstintfgrp=wan action=drop
rule create chain=sink index=0 srcintfgrp=!wan action=accept
rule create chain=sink index=1 prot=udp dstport=dns action=accept
rule create chain=sink index=2 prot=udp dstport=bootpc action=accept
rule create chain=sink index=3 action=drop
assign  hook=sink chain=sink
assign  hook=forward chain=forward
assign  hook=source chain=source

[ label.ini ]
chain create chain=user_labels

[ bridge.ini ]
config age=300 filter=no_WAN_broadcast

[ pptp.ini ]

[ ethoa.ini ]

[ ipoa.ini ]

[ cip.ini ]

[ pppoerelay.ini ]

[ dhcp.ini ]
config autodhcp=off scantime=20 state=enabled trace=off
policy verifyfirst=off trustclient=on
pool add name=dhcp_pool_1
pool config name=dhcp_pool_1 intf=eth0 poolstart=10.0.0.1 poolend=10.255.255.254 netmask=8 gateway=10.0.0.138 server=10.0.0.138 leasetime=7200

[ pppoa.ini ]
ifadd intf=pppoa_pppoa
rtadd intf=pppoa_pppoa dst=0.0.0.0/0 src=10.0.0.0/1 metric=1
ifconfig intf=pppoa_pppoa dest=telstra accomp=on retryinterval=60 dnsmetric=0 addrtrans=pat
ifconfig intf=pppoa_pppoa user=fred-nerk password=encrypted-string status=up

[ pppoe.ini ]

[ ip.ini ]
config forwarding=on firewalling=on redirects=on sourcerouting=off netbroadcasts=off ttl=64 fraglimit=64 defragmode=nat addrcheck=static mssclamping=on
apadd addr=10.0.0.138/8 intf=eth0 addroute=no type=1
ifconfig intf=loop mtu=1500 group=local linksensing=off
ifconfig intf=eth0 mtu=1500 group=lan linksensing=off
ifconfig intf=pppoa_pppoa mtu=1500 group=wan linksensing=off
rtadd dst=255.255.255.255/32 intf=eth0
rtadd dst=10.0.0.0/8 gateway=10.0.0.138 type=1
rtadd dst=224.0.0.0/4 intf=eth0
rtadd dst=0.0.0.0/0 intf=eth0 metric=70

[ autoip.ini ]
ifadd intf=eth0
ifconfig intf=eth0 addr=169.254.86.143 poolstart=169.254.1.1 poolend=169.254.254.254 netmask=16
ifattach intf=eth0

[ eth.ini ]
ifconfig intf=1 type=auto
ifconfig intf=2 type=auto
ifconfig intf=3 type=auto
ifconfig intf=4 type=auto
config intf=1 state=enabled
config intf=2 state=enabled
config intf=3 state=enabled
config intf=4 state=enabled

[ diagnostics.ini ]
config pingtimeout=1000 pingpacketsize=20

[ dnsd.ini ]
domain domain=vic.bigpond.net.au
add hostname=SpeedTouch
start
troff

[ dhcr.ini ]
ifconfig intf=eth0 relay=on
add addr=127.0.0.1 intf=eth0 giaddr=10.0.0.138

[ dhcc.ini ]
config trace=off

[ adslpots.ini ]
config opermode=multimode maxbitspertoneUS=13 trace=off modemoption=00000000000000000000000000000000

[ nat.ini ]
bind application=ESP port=1
bind application=FTP port=ftp
bind application=GRE port=1
bind application=H323 port=h323
bind application=IKE port=ike
bind application=ILS port=ldap
bind application=ILS port=ils
bind application=IRC port=irc-u
bind application=PPTP port=1723
bind application=RAUDIO(PNA) port=realaudio
bind application=RTSP port=rtsp
bind application=SIP port=sip
create protocol=tcp inside_addr=10.0.1.1:80 outside_addr=0.0.0.0:80 foreign_addr=0.0.0.0:0

[ autopvc.ini ]
config mode=active type=bridge opmode=partial overwrite=enabled peakrate=0

[ switch.ini ]
mirror capture port=1

[ system.ini ]
setpassword password=_CYP_OTxQ.wfAuptnw hash2=fb5c8763e84d20dce5463f033d4b8a90
config upnp=enabled mdap=enabled drst=disabled
config dcache=enabled

[ upnp.ini ]
config maxage=1800 writemode=full safenat=disabled

[ endofarch ]
--------

The line you need to change is:-

pool config name=dhcp_pool_1 intf=eth0 poolstart=10.0.0.1 poolend=10.255.255.254 netmask=8 gateway=10.0.0.138 server=10.0.0.138 leasetime=7200

Just change the "poolend" to a lower value... say 10.0.0.254

Now any IP between 10.0.1.0 and 10.255.255.254 can be statically assigned on
the host and will be outside the DHCP Pool range.

The line below creates an outside to inside NAPT entry for a web server
where the inside host has a static IP of 10.0.1.1 and the web server is
listening on port 80:-

create protocol=tcp inside_addr=10.0.1.1:80 outside_addr=0.0.0.0:80 foreign_addr=0.0.0.0:0

Add another for your mail server...

create protocol=tcp inside_addr=10.0.1.1:25 outside_addr=0.0.0.0:25 foreign_addr=0.0.0.0:0




> 
> You also need to make www.ausmarsh.com point to your public 
> IP address. If your public IP is static, and you will be 
> keeping an account with Hosting Shop, just have them change 
> the DNS entry.  If you will no longer be dealing with H.S., 
> you could have your registrar or a third party provide DNS 
> for ausmarsh.com, or you could run your own DNS on FC2.
> 
> If your IP is dynamic, you can use dyndns.org or a similar 
> service. Running an email server from a dynamic IP is not 
> generally recommended.
> 
> --Stewart

I've been running a mail server from a dynamic IP for years... and while I
agree with Stewart that it is not recommended, it is low cost and if you
leave your modem on 24x7 and powered by a UPS, the IP will change very
infrequently.  There is a catch however.  Many ISPs are filtering or just
plain rejecting all SMTP originating from dynamic IP Pools.  The way around
this is to configure mail routing, such that all outbound email is routed
through your ISP's email server.  Telstra has now adopted filtering and
blocks outbound SMTP except through its own mail server, unless you have a
static IP and have applied to them for an exemption.  This way they can log
the email and track any SPAMmers.

Regards
David.
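
Added example, not part of the original post and not SpeedTouch tooling: because an edited config file is loaded without syntax checking, this script checks that every NAPT `create` entry forwards to a host on the LAN but outside the DHCP pool, and lists what is forwarded from the internet. The function names `kv` and `audit` and the second forward (port 25 to the DHCP-assigned 10.0.0.3) are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the dhcp.ini and nat.ini lines from the post, rejoined,
# with poolend lowered to 10.0.0.254 and a second, hypothetical forward that
# targets the DHCP-assigned 10.0.0.3.
SAMPLE = """\
[ dhcp.ini ]
pool config name=dhcp_pool_1 intf=eth0 poolstart=10.0.0.1 poolend=10.0.0.254 netmask=8 gateway=10.0.0.138 server=10.0.0.138 leasetime=7200
[ nat.ini ]
bind application=FTP port=ftp
create protocol=tcp inside_addr=10.0.1.1:80 outside_addr=0.0.0.0:80 foreign_addr=0.0.0.0:0
create protocol=tcp inside_addr=10.0.0.3:25 outside_addr=0.0.0.0:25 foreign_addr=0.0.0.0:0
"""

def kv(line):
    """Parse the key=value pairs of one config line into a dict."""
    return dict(re.findall(r"(\w+)=(\S+)", line))

def audit(text):
    """Return (findings, forwards) for the DHCP pool and static NAPT entries."""
    section, pool, entries = None, None, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            section = line.strip("[] ")
        elif section == "dhcp.ini" and line.startswith("pool config"):
            pool = kv(line)
        elif section == "nat.ini" and line.startswith("create"):
            entries.append(kv(line))
    if pool is None:
        raise ValueError("no 'pool config' line in [ dhcp.ini ]")
    # Assumption: netmask=8 is a prefix length, as in 'apadd addr=10.0.0.138/8'.
    lan = ipaddress.ip_network(f"{pool['gateway']}/{pool['netmask']}", strict=False)
    start = ipaddress.ip_address(pool["poolstart"])
    end = ipaddress.ip_address(pool["poolend"])
    findings, forwards = [], []
    for e in entries:
        host, port = e["inside_addr"].rsplit(":", 1)
        addr = ipaddress.ip_address(host)
        forwards.append((e["protocol"], host, port))
        if addr not in lan:
            findings.append(f"{host}:{port} is not on the LAN {lan}")
        elif start <= addr <= end:
            findings.append(f"{host}:{port} is inside the DHCP pool {start}-{end}")
    return findings, forwards

if __name__ == "__main__":
    findings, forwards = audit(SAMPLE)
    for proto, host, port in forwards:
        print(f"forwarded from the internet: {proto} -> {host}:{port}")
    for finding in findings:
        print("WARNING:", finding)
```
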