Mellyn nîn! I need your helps.

First of all, I have the following setup at home (underlined systems are wireless ones):

  • In downstairs home office

    • On 4-port KVM, front part of office:

      • Telperion - COMPAQ SR1010NX - Intel Celeron 2.8GHz, 256Mb RAM, 40Gb IDE HD, 10/100 NIC, Ubuntu Linux: Hoary Hedgehog (2004)

      • Laurelin - COMPAQ SR1010NX - Intel Celeron 2.8GHz, 768Mb RAM, 40Gb IDE HD, 10/100 NIC, WinXP Home: SP2 (2004)

      • Vingilot - IBM ThinkPad 600E - Intel Mobile Pentium II 366MHz, 288Mb RAM, 20Gb HD, 802.11b PC-MCIA wireless card (Cisco Aironet), Win2K: SP4 (1999)

      • Orome - Gateway E-4200 - Intel Pentium II 400MHz, 64Mb RAM, 8Gb HD, 10/100 NIC, Gentoo 2004.3 (2005, new in 1999)

    • Yavanna - Apple PowerMac G4 - PowerPC G4 350MHz, 256Mb RAM, 10Gb HD, 10/100 NIC, MacOS 9 (2000)

    • Este - Apple "Yosemite" iMac - PowerPC G3 333MHz, 160Mb RAM, 6Gb HD, 10/100 NIC, MacOS 8.6 (1999)

    • Anduril - Gateway P5-75 - Intel Pentium 75MHz, 32Mb RAM, 500Mb HD, dual 10/100 NICs, NetBSD 1.6 (2001, new in 1995)

  • At home and in the office

    • Hirilonde - Dell Inspiron 6000 - Intel Pentium 4 1.6GHz, 1Gb RAM, 40Gb HD, 10/100 built-in Ethernet and 802.11b/g, WinXP Home: SP2 (2005)

    • Numerramar - IBM ThinkPad A31p - Intel Pentium 4 1.7GHz, 512Mb RAM, 60Gb HD, 10/100 built-in Ethernet and 802.11b, Win2K: SP4 (2002)

    • Turuphanto - COMPAQ Armada 7350MT - Intel Pentium 120Mhz, 48Mb RAM, 2Gb HD, 802.11b PC-MCIA wireless card (SanDisk CompactFlash), Win2K (2002, new in 1996)

    • Tulkas - Dell Dimension XPS D300 - Intel Pentium II 300MHz, 256Mb RAM, 40Gb HD, 802.11b PC-MCIA wireless card (Buffalo AirStation & PCI/PC-MCIA adapter), WinXP Pro: SP2 (1998)

On telperion, orome, and anduril, I would like to run some services:


  • PHP, MySQL

  • PHPnuke, TikiWiki

  • a web server with JSP (Tomcat, Blazix)

anduril is a NetBSD firewall using IPNAT rules. My whole home network gets one DHCP address from my ISP, Cox Communications. From my cable modem, a Cat-5 cable runs into one of anduril's NICs, then out to an 8-port 10-base-T hub on the floor of my basement office. All the wired systems are plugged into the hub, and all the wireless ones run off a Buffalo AirStation 802.11b wireless access point that is also plugged into the hub. The hub is an old CentreCOM MR820T (new circa 1997), unmanaged, and not a switch or router.

Right now, anduril gives local DHCP addresses to all of my home systems. I registered with DynDNS.org several times this year using addresses such as telperion.dynalias.org. Right now, this goes to anduril only.

What I would like to be able to do is either:

1. SSH into telperion.dynalias.org and get an interactive prompt for tunnelling into telperion, orome or anduril itself, or
2. SSH into telperion.dynalias.org:SOMEPORT and have my IPNAT table or IP masquerading setup route the connection

People have referred to #2 as port forwarding, but I have no idea how to do it under NetBSD. taiji_jian just gave me some docs, which I am plowing through, but does anyone have a specific recommendation as to which of the above is preferable, and why?

On a related note, has anyone been able to get Skype to work with an iPAQ (say, using PocketPC 2002 and 802.11b)?



Aug. 28th, 2005 09:50 am (UTC)
SSH tunnelling
I had to reboot Anduril in order to get into telperion.dynalias.com, but then an nslookup showed me where I was:
bash-2.05# nslookup
Default Server: ns1.ks.cox.net

I updated my DynDNS.org entry, but I still couldn't tell which DHCP address I had on telperion.dynalias.com. Under Windows on Numerramar, Laurelin, and Tulkas, I was able to
C:\Documents and Settings\William H. Hsu>ipconfig

Windows IP Configuration

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : daisy.ct.org
IP Address. . . . . . . . . . . . :
Subnet Mask . . . . . . . . . . . :
Default Gateway . . . . . . . . . :

So would your example just be ssh -L 192.168.84.BLAH telperion.dynalias.com?
And how might I go about checking which local domain DHCP address anduril gave me?

Also, thanks for the Pocket PC 2003 tip. I will be getting a new iPAQ or SmartPhone with WiFi, a cell phone extension, and either Verizon, Cingular, or T-Mobile (whichever has GSM and the best international coverage). It'll be at least another 6 weeks. Meanwhile, do you know whether the COMPAQ iPAQ H3600 series can take Windows for Pocket PC 2003? Mine is an H3635 that I bought 9 days before 9/11.

Thanks again,
(btw, I saw your post in comptranslation and will respond)
Aug. 29th, 2005 05:17 pm (UTC)
The easiest, most reliable way to accomplish what you're trying to do is #2. Setting up routing isn't too hard, I can help you figure it out when I get a chance to look at the IPNAT docs.

Sometime soon I'll show you my Monowall box... it's a NetBSD live CD specially tailored for using as a router. Monowall makes everything *much* easier (at the expense of being a bit wussy, it has a neat web GUI :).
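
An added example, not part of the thread or anyone's reply: one way to generate the ipnat `rdr` (redirect) lines that option #2 in the post calls port forwarding, giving each internal host's sshd its own external port on anduril. The interface name `ep0`, the host addresses in 192.168.84.x, and the ports 2201/2202 are assumptions made for illustration; the function refuses privileged ports, targets outside the LAN range, and duplicate external ports so a typo cannot expose something unintended.

```shell
#!/bin/sh
# Added example: build ipnat "rdr" rules for SSH port forwarding on a NetBSD firewall.
# Assumed values (not from the thread): interface ep0, 192.168.84.x hosts, ports 2201/2202.

EXT_IF=ep0   # hypothetical name of the NIC facing the cable modem

# Emit one rdr rule forwarding EXT_IF:ext_port to an internal host's sshd (port 22).
# Rejects non-numeric, privileged or out-of-range ports and non-LAN targets.
make_rdr() {
    ext_port=$1; int_ip=$2
    case $ext_port in
        ''|*[!0-9]*) echo "bad port: $ext_port" >&2; return 1 ;;
    esac
    if [ "$ext_port" -lt 1024 ] || [ "$ext_port" -gt 65535 ]; then
        echo "port out of range: $ext_port" >&2; return 1
    fi
    case $int_ip in
        192.168.84.*) ;;
        *) echo "not a LAN address: $int_ip" >&2; return 1 ;;
    esac
    last=${int_ip##*.}
    case $last in ''|*[!0-9]*) echo "bad host part: $int_ip" >&2; return 1 ;; esac
    if [ "$last" -lt 1 ] || [ "$last" -gt 254 ]; then
        echo "bad host part: $int_ip" >&2; return 1
    fi
    printf 'rdr %s 0.0.0.0/0 port %s -> %s port 22 tcp\n' \
        "$EXT_IF" "$ext_port" "$int_ip"
}

# Build a rule set from "port ip" pairs; fail if an external port is reused.
build_rules() {
    seen=" "
    while [ $# -ge 2 ]; do
        case $seen in
            *" $1 "*) echo "duplicate external port: $1" >&2; return 1 ;;
        esac
        make_rdr "$1" "$2" || return 1
        seen="$seen$1 "
        shift 2
    done
}

# Constructed mapping: telperion reachable on 2201, orome on 2202.
build_rules 2201 192.168.84.10 2202 192.168.84.11
```

The printed lines go into `/etc/ipnat.conf` alongside the existing `map` rules and are loaded with `ipnat -CF -f /etc/ipnat.conf`; a client then connects with `ssh -p 2201 telperion.dynalias.org`.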

