Hi have qnx 6.3.2 and I'd like to route the traffic from wlan to lan where I'm connected to internet. Wlan range address is 192.168.1.X while lan is 192.168.0.X. Gateway lan is 192.168.0.1. Now I can the following routing table: default 192.168.0.1 UG 10.0.0.0/24 link#3 U 10.0.0.255 link#3 UHL 127.0.0.1 127.0.0.1 UH 192.168.0.0/24 #ink#5 U 192.168.0.0/16 192.168.0.1 U 192.168.0.1 XX:xx:xx:xx:xx:xx UHL 192.168.1.0/24 link#6 U 192.168.1.1 yy:yy:yy:yy:yy:yy UHL 239:255:255:250/32 192.168.1.1 UG Thanks verymuch
can someone help me?
Are you sure you want to route or do you actually want to NAT? For routing you simply need to enable the sysctl for forwarding. For NAT you will need to load the PF lsm and setup the PF rules.
> Are you sure you want to route or do you actually want to NAT? > > For routing you simply need to enable the sysctl for forwarding. For NAT you > will need to load the PF lsm and setup the PF rules. I'd like that my wireless clients (with ip 192.168.1.) went redirected to my link#5 which is connected to internet. Should I do that with route or nat? What exaclty do I have to set?
Today I checked the variable net.inet.ip.forwarding and its value is 1: net.inet.ip.forwarding=1 What else do I have to do to be my wifi clients able to browse internet (gateway 192.168.0.1)? Thanks
You are going to need to setup NAT. This is done in QNX through PF, see http://www.qnx.com/developers/docs/660/index.jsp?topic=%2Fcom.qnx.doc.neutrino.utilities%2Ftopic%2Fp%2Fpf.conf.html especially the section beginning "Translation examples".
Then I should insert in /etc/pf.conf the following rule: nat on wlan0 from 192.168.1.0/24 to any -> 192.168.0.1 Is it correct? My wifi clients has addresses 192.168.1.X and my gateway 8connected to internet is 192.168.0.1). Thanks
It should be your actual IP address on the LAN and not the gateway IP address but the rest is correct.
> It should be your actual IP address on the LAN and not the gateway IP address > but the rest is correct. Ok my actual ip. Can I insert en0 (lan) instead of my actual ip?
Yes: nat on wlan0 from 192.168.1.0/24 to any -> (en0)
Last question: my pf.conf under /etc is actually empty. If I insert the rule inside it, is it in the right position given my routing table (first post)? Thanks very much
Nick, what happens if a wifi ip want to talk with one other wifi ip? Does it make sense to add in pf.conf, before nat rule: pass quick on wlan0 from 192.168.1.0/24 to 192.168.1.1 where 192.168.1.1 is the ip of wlan0? Thanks
Nick, can you help me? I have some problems to write what you suggested me. I try to execute the command pfctl -s all I get this output: TRANSLATION RULES: nat on ppp0 from <natRangeTable> to any -> (ppp0) round-robin nat on en5 from <natRangeTable> to any -> (en5) round-robin rdr-anchor "dnsRedirect1" all rdr-anchor "dnsRedirect2" all rdr-anchor "dnsRedirect3" all rdr-anchor "dnsRedirect4" all FILTER RULES: scrub in all no-df fragment reassemble scrub out on mam0 all max-mss 968 fragment reassemble pass out all keep state pass in quick on mam0 all keep state pass in quick on mep0 all keep state pass in quick on mhp0 all keep state pass in quick on en5 all keep state block drop in on uap0 all block drop in quick on uap0 from any to (mam0:network) block drop in quick on uap0 from any to (mhp0:network) block drop in quick on uap0 from any to (ppp0) block drop in quick on uap0 from any to (en5:network) pass in quick on uap0 inet proto udp from any port = bootpc to 255.255.255.255 port = bootp keep state pass in quick on uap0 inet from any to 255.255.255.255 keep state pass in quick on uap0 inet proto udp from any to 239.255.255.250 port = 1900 keep state pass in quick on uap0 proto tcp from any to any port = 8100 keep state pass in quick on uap0 inet from any to 224.0.0.0/4 keep state pass in quick on uap0 proto udp from any to (uap0) port 49152:65535 anchor "dialUpTrigger" all pass in quick inet proto icmp all icmp-type echoreq keep state No queue in use STATES: self tcp 127.0.0.1:65515 -> 127.0.0.1:4444 ESTABLISHED:ESTABLISHED self tcp 192.168.0.100:65486 -> 173.194.35.7:80 TIME_WAIT:TIME_WAIT ............... As I write you I have internet connection on en5 (192.168.0.100) and I'd like to nat the traffic from wireless uap0 to en5 (so wireless clients with ip 192.168.1.X can go to internet). You suggested me to add this rule: nat on uap0 from 192.168.1.0/24 to any -> (en5) There are two problems: 1. I don't know which is the configuration file for pfctl (the file /etc/pf.conf) contains only comments). ho can I discover the current configuration file? 2. Where do I have to insert the new nat rule? It seems to me that there is some rules which are in conflit con the new nat rule. Thanks
Unfortunately the problem is still there. Adding the nat rules seems not to solve the problem. Any help will be very appreciated. Thanks
