Messages

1

19.1 Legacy Series / Re: Trouble installing NeoRouter

« on: March 22, 2019, 04:11:09 am »

Dag-nabbit!
I posted that last reply to the wrong topic. Sorry for the confusion.

2

19.1 Legacy Series / Re: Trouble installing NeoRouter

« on: March 22, 2019, 02:53:57 am »

Sorry, old-ish thread.
I think the more elegant solution is to just give guest access to my Emby server. It has built-in support for HDHomeRun devices. I just need to give the IP Address of my OPNSense router inside the main network and the port number of my Emby server. I already have the port forwarded in OPNSense, so not a big deal.

3

19.1 Legacy Series / Re: Trouble installing NeoRouter

« on: March 15, 2019, 10:38:40 pm »

I need to make one correction: you could install gcc which is in /usr/ports/lang/gcc and then you should also have a libstdc++ sorry for that mistake, corrected it above

Ok, I think I understand all of that, except that I there is no "/ports" folder inside of "/usr".

I'm coming from a Linux background, but I have very little experience with FreeBSD. I am usually quite comfortable on a shell prompt, but I don't know the "BSD method" for some things. My apologies.

I'm reminding myself how Windows users feel wen I try to explain Linux concepts.

4

19.1 Legacy Series / Re: Trouble installing NeoRouter

« on: March 15, 2019, 08:11:59 pm »

Oh! I should probably mention that I am using NeoRouter Free, not Pro or Mesh.

5

19.1 Legacy Series / Re: Trouble installing NeoRouter

« on: March 15, 2019, 08:09:56 pm »

Hi,

I assume that your VPN application is written in C++. The default C++ standard Library on FreeBSD is libc++ and the default compiler is clang. libstdc++ is rather a gcc related. gcc is afaik not part of the OPNsense standard ports tree. gcc is indeed part of a standard FreeBSD ports tree.

Br br

I'm sorry, but I'm having trouble understanding your response. Is it possible to get NeoRouter going or not, and if so, how? If you need more info in order to help you help me, please let me know what you need.

If it helps, NeoRouter can be found at:
http://www.neorouter.com/products-nrfree
and is a product of ZebraNetworks.

6

19.1 Legacy Series / Trouble installing NeoRouter

« on: March 15, 2019, 03:20:36 pm »

Hello,

I found an interesting VPN Product that I am trying out. They have a version for FreeBSD, which I have installed, but it won't run. Complains about missing dependency "libstdc++". I don't know how to install this dependency. I have tried "pkg install libstdc++", "pkg install libstdc", "pkg install stdc++", etc. I am unable to find any such package!

I am not so familiar with FreeBSD as I am with Linux distros.

What am I doing wrong??

7

19.1 Legacy Series / Re: How to setup and use 1:1 NAT

« on: February 27, 2019, 04:15:45 am »

Update: udp-broadcast-relay doesn't compile properly on FreeBSD/PFSense/OpnSense. I managed to get the updated fork, udp-broadcast-relay-redux, working properly. It turns out, however, that it isn't enough - I need to relay TCP packets also.

Does anyone here know enough about firewall syntax to translate iptables rules to pf rules?
I found that iptables under linux by itself may be sufficient, but I don't know if it is possible to get this to work under OPNSense. I've looked at the WebUI, but I don't think I'd be able to implement this there.

Code: [Select]

iptables -t mangle -A INPUT -i eth0 -d 255.255.255.255 -m ttl --ttl-gt 0 -j TTL --ttl-set 1
iptables -t mangle -A INPUT -i eth1 -d 255.255.255.255 -m ttl --ttl-gt 0 -j TTL --ttl-set 1
iptables -t mangle -A INPUT -i eth0 -d 255.255.255.255 -m ttl --ttl-gt 0 -j TEE --gateway 10.1.1.255
iptables -t mangle -A INPUT -i eth1 -d 255.255.255.255 -m ttl --ttl-gt 0 -j TEE --gateway 10.1.0.255

8

Development and Code Review / Re: Requesting help compiling a simple program for use with OpnSense.

« on: February 27, 2019, 03:25:40 am »

Well, that almost worked. The correct command was actually cc, not cpp or gcc.

9

Development and Code Review / Re: Requesting help compiling a simple program for use with OpnSense.

« on: February 27, 2019, 03:13:31 am »

Just found an updated project: https://github.com/sonicsnes/udp-broadcast-relay-redux
I still had to change the

Code: [Select]

gcc -g to

Code: [Select]

cpp , however, it compiled properly after that.

10

Development and Code Review / Requesting help compiling a simple program for use with OpnSense.

« on: February 27, 2019, 03:03:59 am »

App source can be found at:
https://github.com/nomeata/udp-broadcast-relay

I have installed Git with

Code: [Select]

pkg install git
Make failed, since there is no GCC program. I edited the Makefile, and replaced

Code: [Select]

gcc -g with

Code: [Select]

cpp .

Now, it is failing with

Code: [Select]

main.c:52:10: fatal error: 'linux/if.h' file not found
#include <linux/if.h>
         ^~~~~~~~~~~~
1 error generated.
*** Error code 1

Stop.

Fixing this involves going deeper than I am comfortable.

11

19.1 Legacy Series / Re: How to setup and use 1:1 NAT

« on: February 27, 2019, 02:58:41 am »

Ok. Weird. I already had it configured properly. For some reason, it didn't start working until I cleared out my browser history and cookies, etc.

I can now access the web server across subnets.

As it turns out, however, I need to relay broadcast packets on a particular port from one network to the other. I found a program that should help, but I am having trouble compiling it.

The program is found on Github at:
https://github.com/nomeata/udp-broadcast-relay

I am thinking I should start a new topic for this, as it is now a new problem.

12

19.1 Legacy Series / How to setup and use 1:1 NAT

« on: February 27, 2019, 12:21:38 am »

Hello,
I just switched from PFSense to OpnSense, since my aging APU1D4 isn't going to be supported after the next update to PFSense.

Here is the situation: I live in a house with 3 other people, and I setup my router behind the ISP's router in a Double-NAT configuration. This is mostly for privacy - I don't want opportunistic room mates using my printer, etc.

I DO have one device that I need to expose to the outer network, however. I posted on the forum for that device, to ask what ports need to be forwarded, and they informed me that the device needs to be on the same subnet as the computer that is interfacing with it. Basically, I have a network TV Tuner, that needs to be on 2 different networks at the same time, but without the Tuner knowing about the other network. If I understand correctly, I need to setup 1:1 NAT, on a virtual IP address on the WAN. I am going crazy trying to get it going, however!

So, my ISP router has a DHCP server issuing leases on the 192.168.254.0/24 subnet. Inside of that, I have my OpnSense router with a Static IP address of 192.168.254.252 and a 24-bit netmask. Gateway 192.168.254.254, which is the IP of the ISP's router. I have confirmed that 254.252 is outside of the ISP's router's DHCP Pool.

My TV Tuner is on IP address 192.168.1.2, and is behind my OpnSense Firewall. I created a Virtual IP address of 192.168.254.253 on the WAN address of the OpnSense router, and am trying to cause all traffic intended for 192.168.254.253 to forward transparently to 192.168.1.2, kind of like what is referred to as a DMZ on other routers.

Am I even going about this the correct way? Thus far, I have been unable to connect to the embedded Web Server on the TV Tuner from any machine on the 254.0/24 subnet by opening a browser and pointing it to '192.168.1.253' with my previous efforts. Then again, I've never before tried to setup a 1:1 NAT mapping before, and I'm not exactly familiar with how it works, which makes it all the more daunting.

Some insight here would help.

--Aaron

P.S.: I've searched the forums to see if my question was already answered, but I only found a bunch of vague questions, with 0 replies.