; EXAMPLE ROUTER CONFIGURATION USING PPP (DYNAMIC) ; ; IPR script for example configuration with PPP ; using a dynamically negotiated IP address. ; ; set log none ; set log file out.txt set log file CON set log raw on ; set log headers ; set log monitor on set trace off ; Configure ethernet interface on network 192.168.0.0/24 packet en0 0x60 192.168.0.1/24 ; Configure the modem port (COM2, in this case) and make it the default route async sl0 0x2f8 3 57600 do_sl0 set ppp sl0 trace on route * sl0 perm ; Broadcast RIP routes on the ethernet rip en0 ; Start a command interpreter on the console command exit ; ; Script for filter and NAT configuration on sl0, ; with demand dial out, etc. ; do_sl0: set trace on ; ; Set up NAT ; ; Allow all outgoing service requests and their responses. ; The IP address is not critical, but should be the most ; likely address (or at least a possible address). ; This is the real trick: all outgoing traffic from the machines on ; the LAN seems to come from just one machine (namely the IPRouter), ; with the following line: nat * * 145.220.128.13 ; The following line makes sure that all incoming traffic to 'well-known' ; ports will be forwarded to one particular machine, namely 192.168.0.2. ; This could be handy if you are running a webserver or an FTP server on ; that machine. The problem though is that your ISP gives you a 'dynamic ; IP address', which means you get a different address each time you ; connect. This makes it difficult for other people to connect to your site. ; However, if you really really want people to access your servers when you ; login to your provider, there is a solution. There are now ; organizations which can provide you with a fixed alphanumeric Internet ; name which points to whatever dynamic IP address you happen to be using ; when you login (a special client on your machine updates the information). ; These organizations are e.g. http://www.ml.org (free; check out the ; dynamic DNS service) and http://www.dyndns.com (fee). ; This line might also be useful if you want to play games over the Internet ; and you don't know which TCP/UDP port the game is using. With this line ; you tell IPRoute that want one single machine to provide all ports for ; incoming connections. One (or more) of them is used by the game. That ; should do it... :-) If you don't want this (e.g. for security reasons), ; delete the line. nat * 192.168.0.2 145.220.128.13 ; Configure modem control and set up for demand dial. ; set interface rts flow hangup: set interface dtr off delay .5 set interface dtr on ; Filter out some crazy Windows95 DNS packets (which cause IPRoute to dial ; out otherwise) filter sl0 drop out udp *:137 *:53 filter sl0 permit out * * * filter en0 permit in * * * on packet dialout wait 0 ; Dial the phone, log in, and run PPP. ; Hang up if no packets are received for 600 seconds. ; dialout: ; Drop the Windows 95 filters again to allow NetBIOS over TCP/IP. ; Remove this line if you notice that IPRoute doesn't hangup when it should. drop filter en0 ; Change this to the phone number of your ISP. send "ATDT0206444818\r" wait 1 on timeout hangup wait 45 "CONNECT" ; Read the rest of the CONNECT message into symbol "speed". on cd lineup read 5 "\r" speed wait 60 lineup: on cdloss hangup on timeout hangup log "Connected at $speed" ; Change the following if the login dialog with your ISP is different! send "\r\r" wait 5 "name:" send "youruserid\r" wait 5 "word:" send "yourpassword\r" set ppp login youruserid yourpassword ppp 600 * dynamic-nat goto hangup