Updated Dec 20 2002

The iR Port Forwarder Page

This page has been put together to assist you
in connecting a single iR pull scanning product into a multi network/subnet environment

 

Update Oct 24 2002 Network Scangear V 1.4 now supports subnet scanning
 

Click here to download the Port Forwarder


1.   What is a Port Forwarder?
2.   How does this apply to the iR products?
3.   How much does it cost to implement?
4.   How does it work? (The executive summary)
5.   How does it work? (The techno dude summary)
6.   What iR products does it apply to?
7.   What printing protocols or services can still be used?
8.   What printing protocols can not be used?
9.    I'd like to download the Port Forwarder
10.  I need to adjust the amount of RAM the Port Forwarder uses.
11.  How do I configure the Port Forwarder?
12.  Why is it important to backup to disk?
13.  I need to change the NIC module(s) the Port Forwarder uses.  I need help
14.  I downloaded my NIC module(s).  How do I get them on my Port Forwarder disk and configure to use it?
15.  My NIC module is included with the Port Forwarder distribution, how can I configure to use it?
16.  I need to enable or disable the IPX feature of the Port Forwarder
17.  How do I change the IP addressing of the NIC's with the Port Forwarder?
18.  I have everything configured correctly what IP address do the workstations need to point to
19.  I want to change the IP address of the iR Product and eth0.  What else do I need to configure?
20.  I need to check and test connectivity.  What commands can I use.  What errors are normal
21.  I want to use the Weblet, what IP and port number should I use?
22.  I want to connect with the Port Forwarder using Telnet/SSH, what do I need to do?
23.  I'd like to use the Webadmin feature
24.  I tried the Windows Coyote disk creator but I cannot get Webadmin, Weblet, SSH...,
25.  I'm using a 386 or 486 without a Math co-processor.  The Port Forwarder is complaining about lack of Math co-Processor ..
26.  I like some more LRP links
27.  I'd like to add RSA authorization_keys to my SSH enabled Coyote linux distro
28.  I'd need with the Coyote Linux DHCP Client and Server

   

1. What is a Port Forwarder?
A Port Fowarder is a Network connected computer that can take packets from one network/subnet and forward them directly to another Network connected device
A Port Forwarder can take packets from one Network/Subnet and forward them to another Network connected device on a different Network/Subnet
A Port Forwarder can also be used to change the port number of the packet
 

2. How does this apply to the iR products?
Pull Scanning on the iR products requires the use of the Canon Network ScanGear software
Limitations in this software prevent scanning across a router.
The Port Forwarder enables a single iR Pull scan product to work in a multi network/subnet environment
 

3. How much does it cost to implement?
The Port Fowarder is a modified Linux Router Project (LRP) distribution called Coyote Linux
The entire distribution is self contained on a single floppy
All that is required is a 486 or better, a 1.44 MB floppy drive, 16 MB's or RAM and a few NICS
The Port Forwarder like many wonderfull Linux products is free and is distributed under the GNU General Public Licence
 

4. How does it work? (The executive summary)
Each of the customers subnets/Networks is connected to the Port Forwarder on a seperate NIC.
The iR product is also connected to a seperate NIC
All TCP/UDP/IPX packets received on each of the subnet NICS are automatically Port Forwarded directly to the iR product
The Port Forwarding tricks the workstations on all subnets into thinking that iR product is connected to their subnet
 

5. How does it work? (The techno dude summary)
Lets say a customer has 3 subnets
192.168.10.x
192.168.20.x
192.168.30.x

The iR product will require a network/subnet.  Lets say;
192.168.0.x

Lets use the following IP addresses for the Port Forwarder NICS and iR product.

NIC 1  192.168.10.10  IP Address of Port Forwarder NIC 1  (Connected to Subnet 1)
NIC 2  192.168.20.10  IP Address of Port Forwarder NIC 2  (Connected to Subnet 2)
NIC 3  192.168.30.10  IP Address of Port Forwarder NIC 3  (Connected to Subnet 3)
NIC 4  192.168.0.10  IP Address of Port Forwarder NIC 4  (Connected to iR Product)
iR Product 192.168.0.100  IP Address of iR product

Once configured correctly, the Port Forwarder will forward all TCP/UDP/IPX packets received on NIC 1, NIC 2 and NIC 3 directly to the iR Product

Workstations on Subnet 1 (192.168.10.x) must be configured to print/scan/RUI to 192.168.10.10
Workstations on Subnet 2 (192.168.20.x) must be configured to print/scan/RUI to 192.168.20.10
Workstations on Subnet 3 (192.168.30.x) must be configured to print/scan/RUI to 192.168.30.10

The Port Forwarder will take care of the connectivity to the iR Product seemlessly
 

6. What iR products does it apply to?
The iR 105 2200 2800 3300 5000 8500 products with Pull Scanning using the Canon Network Scangear software can use this solution
Some of these products have (or will soon) the IP platform option providing Push Scanning
Push Scanning apparently will not have these limitations
 

7. What printing protocols can still be used?
So far my limited testing has shown the Port Forwarder works with the following Protocols and Situations
Canon Network Scan Gear V1.3
Canon LPR V1.31e
Windows 2000 Standard Port Monitor (Port 9100)
Windows NT4 TCP/IP Printing
Windows 98SE (ACITS LPR)
IPX Bindery, IPX NDS, Canon NDPS
PCL 5.2 Job Accounting, Get Device Status, Mailbox printing
 

8. What printing protocols can not be used?
NetBIOS and SMB printing (Yay)
AppleTalk (I'd use LPR/LPD instead)
There is a Appletalk solution here however I have not yet tried to implement it.
 

9. I'd like to download the Port Forwarder
Click here to get Port Forwarder zip file
Within the zip file is a compressed Winimage 6 image
To create your disk, download Winimage from here
Start Winimage, choose file, open and open the port_forwarder.imz
Put a clean formatted floppy in your drive
Choose Disk, write disk
Your Port Forwarder disk is ready
 

10. I need to adjust the amount of RAM the Port Forwarder disk uses.
On your floppy, there is a configuration file called syslinux.cfg.
You can edit it with any Dos or Linux box

Here is an example;

display syslinux.dpy
timeout 0
default linux
append=load_ramdisk=1 initrd=root.tgz initrd_archive=minix LRP=etc,log,local,modules,config ramdisk_size=16384root=/dev/ram0 boot=/dev/fd0,msdos

You will want to adjust ramdisk_size=     (Note: It must be a multiple of 1024)
 

11. How do I configure the Port Forwarder?
When you first boot from the disk you are faced with a login prompt
Use root as the user name.
If it asks you for a password, the password is also root
After logging in, you will be looking at the Coyote Linux Gateway Configuration Menu
You can get to the Coyote Linux Gateway Configuration Menu at any time by typing lrcfg (Linux Router Config)

(For security reasons, you should change your root password)  

12.  Why is it important to backup to disk?
LRP's read from the boot media (floppy in our case) and decompress everything to a Ramdisk
Any changes you make must be put back on the floppy
Always remember to run lrcfg and choose Back-up configuration
 

13.  I need to change the NIC module(s) the Port Forwarder uses.  I need help
I included the following modules with this distribution.
I believe they are the more popular ones.
3c509.o
3c59x.o
8390.o
e2100.o
eepro.o
eepro100.o
ne.o
ne2k-pci
pci-scan.o
tulip.o

If your NIC module is not in this list, you will have to download one
Download the module that is compatible with your kernel version.
The Port Forwarder currently uses Kernel version 2.2.19
(Check your current kernel version by typing uname -a on your Linux box)

Here is a direct link to 2.2.19 net modules.
If you cant find your module from the link above, use Google and search for "2.2.19 net modules"
 

14.  I downloaded my NIC module(s).  How do I get them on my Port Forwarder disk and configure to use it?
In this example, we are going to copy a module called isgsp.o to the Port Forwarder

1.  Download your module
2.  Pop the modules onto a clean Dos floppy
3.  Boot your LRP box
4.  At the # prompt, type mount  -t  msdos  /dev/fd0  /mnt  This will mount the Dos floppy 

Typing a:is the same as mount  -t  msdos  /dev/fd0  /mnt (I included an alias or shortcut)

5.  Type cp  /mnt/isgsp.o  /lib/modules  This will copy the module isgsp.o to the /lib/modules folder
6.  Type umount /mnt  This will unmount the Dos floppy 

Typing ejectis the same as cd / and unmount /mnt (I included an alias or shortcut)

7.  Remove the Dos floppy and put back the Port Forwarder floppy
8.  Run lrcfg
9.  Hit 3 (package settings) enter
10.  Hit 2 (modules) enter.   Then hit 1 (modules) enter
11.  This is the list of modules that are to be loaded.  Put the name of your module in the list.  Do not include the .o
12.  Remark out (# in front) any modules you do not need)
13.  Hit Ctrl and S to save.
14.  Hit Ctrl and C to quit
15  Hit Q to quit two times
16.  We must now backup the ramdisk to floppy. Choose b (Back-up ramdisk)
 

If all goes well, all that is required is a reboot for the changes to take effect

Note 1: Microsoft Internet Explorer is notorious for corrupting downloads of file formats it does not understand.  (I think they do it on purpose)
If you have weird issues with any files you download from IE, you could try Netscape, Mozilla or better yet, use a Unix or Linux box

Note 2: Some modules need other modules to work.  For example 8390.o must be loaded before ne.o will work.  Also PCI scan is required (I think) for PCI NICS
If you are stuck, Read, Read, Read
 

15.  My NIC module is included with the Port Forwarder distribution, how can I configure to use it?
1.  Run lrcfg
2.  Hit 3 (package settings) enter
3.  Hit 2 (modules) enter.   Then hit 1 (modules) enter
4.  Remove the remark (#) from the from of any modules you need
5.  Remark out (# in front) any modules you do not need
6.  Hit Ctrl and S to save.
7.  Hit Ctrl and C to quit
8  Hit Q to quit two times
9.  We must now backup the ramdisk to floppy. Choose b (Back-up ramdisk)
 

16.  I need to enable or disable the IPX feature of the Port Forwarder
The IPX module is already  installed on the disk
All that is required is some configuration

You can enable or disable IPX support by editing the rc.local file

1. Run lrcfg
2. Type 1 Network Settings
3. Type 3 Misc startup command (rc.local)
4. Go to the bottom /usr/bin/ipxbridge
5. Read what it says
6. Dont forget to backup to disk

You must also configure which NIC's are to use IPX

1.  Run lrcfg
2.  Type 3 Package settings
3.  Type 3 IPX Bridge
4.  Type 1 Config
5.  Add or remark out your NIC eth number accordingly
6. Dont forget to backup to disk
 

17.  How do I change the IP addressing of the NIC's with the Port Forwarder?
1. Run lrcfg
2. Type 1 Network Settings
3. Type 3 Misc startup command (rc.local)

Here is an example for eth0

ifconfig eth0 192.168.0.1 netmask 255.255.255.0   (configure eth0 for an IP address of 192.168.0.1 with a subnet mask of 255.255.255.0)
ifconfig eth0 up  (Start eth0)

If you want to do as little configuring as possible, you should leave eth0 set with this IP.

If you set the iR product with an IP of 192.168.0.100, eth0 will be on the same network and no more configuration for eth0 is necessary

The IP addresses for eth1, eth2 ... are the ones you will have to change

Ask the customers Network Admin to provide you with a static IP for each subnet they have. (DHCP is not supported yet)

Enter these static IP addresses and subnet masks to the eth1, eth2 .. values

Backup your disk and reboot
 
 

18.  I have everything configured correctly what IP address do the workstations need to point to
The customers on subnet x need to point to the Static IP address assigned to the Port Forwarder for that subnet
See 5. How does it work? (The techno dude summary) from above

For products like Network Scangear you cannot (yet) use discover
You must manually enter the IP address of the Port Forwarder IP on that subnet
 

19.  I want to change the IP address of the iR Product and eth0.  What else do I need to configure?
If you really want to ..you also must change the  IPCHAINS and IPMASQADM AUTOFW rules
1.  Type lrcfg
2.  Type 1 Network settings
3.  Type 4 IP Masquerading configuration

Here is an example

# Allow the iR Product access the outside world
/sbin/ipchains -A forward -j MASQ -s 192.168.0.100/32 -d 0.0.0.0/0

# Auto Forward UDP and TCP packets to iR Products IP address
# It is safe to leave it at 192.168.0.100 and set the iR product with this IP
ipmasqadm autofw -A -r udp 1 65534 -h 192.168.0.100
ipmasqadm autofw -A -r tcp 80 65534 -h 192.168.0.100

Ensure you change the 192.168.0.100 in these lines to reflect the new IP of the iR printer
 

20.  I need to check and test connectivity.  What commands can I use.  What errors are normal

Type ifconfig to see what eth number has what IP in case it gets confusing.

From the Port Forwarder, you can use the ping command to determine if you have IP connectivity

If you try to ping any of the Port Forwarder IP addresses from the Port forwarder it is perfectly normal to get this error

forwarder# ping 192.168.10.36
PING 192.168.10.36 (192.168.10.36): 56 data bytes
Warning: unknown ICMP packet received (not echo-reply)
64 bytes from 192.168.10.36: icmp_seq=0 ttl=255 time=1.3 ms
Warning: unknown ICMP packet received (not echo-reply)
64 bytes from 192.168.10.36: icmp_seq=1 ttl=255 time=1.0 ms
Warning: unknown ICMP packet received (not echo-reply)
64 bytes from 192.168.10.36: icmp_seq=2 ttl=255 time=1.0 ms
Warning: unknown ICMP packet received (not echo-reply)
64 bytes from 192.168.10.36: icmp_seq=3 ttl=255 time=1.0 ms
Warning: unknown ICMP packet received (not echo-reply)
64 bytes from 192.168.10.36: icmp_seq=4 ttl=255 time=1.0 ms

Do not worry.  I also receive this error. You are pinging successfully

This however indicates you are not connected

forwarder# ping 192.168.10.2
PING 192.168.10.2 (192.168.10.2): 56 data bytes
Warning: unknown ICMP packet received (not echo-reply)
Warning: unknown ICMP packet received (not echo-reply)
Warning: unknown ICMP packet received (not echo-reply)
Warning: unknown ICMP packet received (not echo-reply)
Warning: unknown ICMP packet received (not echo-reply)
Warning: unknown ICMP packet received (not echo-reply)


Port Forwarder Download
Included Options
Notes
Port Forwarder #1
Coyote Packaging System (CPS), Toolpack
Coyote Packaging System (CPS)
CPS allows easy installation of addons to Coyote Linux by use of a package files (.cps) which are similar to the .lrp files! CPS is the program which installs the package on Coyote for you, during package installation you are asked to setup each packages config files.
"This pack contains some tools that Coyote forgot! In it you'll find tools to reload your firewall & masq scripts, backup your CL disk, format a disk, modify a program's scheduling priority, emulated Vi editor, and an emulated pico editor!"

Please refer to the Readme included with the Port Forwarder on specifics to these add-ons

 Port Forwarder #2

Port forwarder #1
with Weblet


Weblet uses a shell-script based web server (sh-httpd) and some CGI scripts that let you check on the status of your Coyote box and read log files with a web-browser. This version of weblet also includes a bandwidth monitor (lrpstat).

Please refer to the Readme included with the Port Forwarder on specifics to these add-ons
Port Forwarder #3
Port Forwarder #2
with Telnet/SSH and Webadmin
Telnet over SSH is a more secure way of remotely communicating with the Port forwarder
More info on SSH here

Webadmin is a cool (experimental) way of administering the firewall over a browser

Please refer to the Readme included with the Port Forwarder on specifics to these add-ons


21.  I want to use the Weblet, what IP and port number should I use?

(Make sure you downloaded the correct Port Forwarder to get this feature)
Weblet originally used port 80
I wanted to the Port forwarder to allow the iR products web server to continue to use this port
Thus I had to change the Weblet port number to a port number less than 80
I chose port 30 for the Weblet since according to my documentation it is unused

So, Point your browser to http://192.168.0.1:30 or http://any IP on your Port Forwarder:30

22.  I want to connect with the Port Forwarder using Telnet/SSH, what do I need to do?
(Make sure you downloaded the correct Port Forwarder to get this feature)
You need a Telnet Client that supports SSH
I really like Putty. Its simple, stable small and free  Download it here
Once installed simple configure your Telnet client to point to the Port Forwarder on port number 22 (SSH Remote Login Protocol)
I would not recommend using any of the native MS telnet clients.  They do weird things.

23.  I'd like to use the Webadmin feature
(Make sure you downloaded the correct Port Forwarder to get this feature)
There isnt much documentation on this one

Webadmin originally used port 8180
Because of Port Forwarding, I had to change the Webadmin port number to a port number less than 80
I chose port 60 for the Webadmin since according to my documentation it is unused
So, Point your browser to http://192.168.0.1:60.

Remember.  The Webadmin is experimental.  Be carefull and good luck

24.  I tried the Windows Coyote disk creator but I cannot get Webadmin, Weblet, SSH...
The Coyote Windows GUI disk creater provides a simple distribution
To get any of the newer cooler features you must download the full distrubution files onto a Linux box and use the makefloppy script

Here's a download link  from the Coyote Linux site

Download, decompress and type ./makefloppy.sh to start the script
The makefloppy script will walk you through the entire disk creation

Dont be scared, its easy   :-)


25.  I'm using a 386 or 486 without a Math co-processor.  The Port Forwarder is complaining about lack of Math co-Processor ..
Sorry, all the Port forwarders are designed for 486 DX or faster (with math processors)
I believe the easiest way around this is to create a new floppy using the makefloppy script.  (See here)
Be sure to specify your processor type.
Once this is done, the linux kernel on this floppy can easily be copied from this disk to your Port Forwarder disk
Just copy over the file linux and reboot.
If you are really stuck, here is a Winimage image with only the kernel on it
This kernel supports Math Co-processor emulation so it should work with your non Math co-processor machine
In theory you should be able to take your port forwarder disk and replace the file linux with the new one
You may need to do this on a Linux box because Windows has a nasty habit of corrupting what it doesnt understand


26.  I like some more LRP links
Coyote Linux FAQ page
http://www.dalantech.com (Search for Coyote FAQ)

My EZ-Seti home page
../../../seti/index.html


27.  I'd like to add RSA authentication on my SSH enabled Coyote linux distro
This assumes you are using or have created a Coyote Linux distro with SSH

1. Create your key pair

From a GNU or Unix box on the LAN:
Generate a key pair using ssh-keygen.
By default, the private and public keys are, respectively,
$HOME/.ssh/identity
$HOME/.ssh/identity.pub

From a Windows box on the LAN:
Generate a key pair by executing PuTTY'sputtygen.exe tool. Save the private key somewhere sensible.
Save the private key as identity
Save the public key as identity.pub

2. Copy the public key to the Coyote firewall

From a GNU or Unix box on the LAN:
scp $HOME/.ssh/identity.pub uncle@192.168.0.1:/tmp/mybox-joe

From a Windows box on the LAN:
Use PuTTY's pscp.exe tool to copy the public key from the client to the firewall:
pscp C:\ssh\identity.pub dialer@192.168.0.1:/tmp/mybox-joe

3.  Append the public key to the desired key list

From a GNU or Unix box on the LAN:
ssh root@192.168.0.1 "cat /tmp/mybox-joe >> /root/.ssh/authorized_keys"


From a Windows box on the LAN:
Use PuTTY's plink tool for this
plink -ssh root@192.168.0.1 "cat /tmp/mybox-joe >> /root/.ssh/authorized_keys"


4. Edit /var/lib/lrpkg/etc.list

Using ae, edit /var/lib/lrpkg/etc.list on the firewall
Add /root to the bottom of the file


5.  Backup your configuration to disk, reboot and test



28.  I'd need with the Coyote Linux DHCP Client and Server
Here is a DHCP page for you



Home                   Back

If you find an error or wish to comment please let  me know.