Matt Welsh
Last updated 20 October 1998

This page is a tutorial on setting up your Palm Pilot to talk to the Internet, using Linux, PPP, and IP Masquerading. The idea here is that your Pilot is connected to a Linux box via a serial cable (such as the cradle), or perhaps through some other point-to-point serial connection. Moreover, the Pilot does not have an IP address of its own, so we use IP Masquerading, which allows the Pilot to use a "bogus" IP address, the packets for which are forwarded to the Internet by the Linux machine.

Here I use the ProxiWeb web browser as an example application --- this mechanism should work for any Pilot-based network application.

Pilot Setup:

1. Download ProxiWeb from www.proxinet.com. Install the relevant files onto your Pilot.

2. On the Pilot, go to Prefs->Modem. Select 'IBM WorkPad Modem'. Set speed to 38,400 bps. Ensure TouchTone is set.

3. Go to Prefs->Network. Enter a bogus phone number in the 'Phone' field (I do this rather than use '00' which means 'no phone number'. This is to ensure that the PPP setup script used below works.)

4. On Prefs->Network, select 'Details...'. Set connection type to PPP, timeout to power off. Deselect 'Query DNS' and enter the IP address 128.32.38.25 (barad-dur's IP address) as the Primary DNS server. For IP address, de-select 'Automatic' and enter your bogus IP address for the Pilot. I use 10.0.0.1 as an example here, many IP addresses can be used as long as they do not conflict with 'real' addresses on the Internet. Addresses in the range:
   • 10.0.0.0 through 10.255.255.255
   • 172.16.0.0 through 172.31.255.255
   • 192.168.0.0 through 192.168.255.255
   can be safely used (from RFC 1597).

Linux machine setup:

1. Recompile your kernel (I use 2.0.33) to include PPP support, firwalls, IP forwarding, IP firewalling, and IP masquerading. The relevant settings in your kernel .config file are:

     CONFIG_PPP=y
     CONFIG_FIREWALL=y
     CONFIG_IP_FORWARD=y
     CONFIG_IP_MULTICAST=y
     CONFIG_IP_FIREWALL=y
     CONFIG_IP_MASQUERADE=y
   

   Build and install the new kernel.

2. Ensure that IP forwarding will be enabled on your machine by editing /etc/sysconfig/network and setting

     FORWARD_IPV4=yes
   

   This is the mechanism used under Red Hat 5.0. If you use another distribution you may simply need to execute, as root:

     $ echo 1 > /proc/sys/net/ipv4/ip_forward
   

   (This would be done once you have rebooted with the new kernel, of course.)

3. Install ipfwadm which can be obtained as a prebuilt RPM package from here. Install it as root with

     $ rpm -ivh ipfwadm-2.3.0-6.i386.rpm
   

   This requires GNU libc so the binary should run on any machine with those libraries. If you don't use Red Hat you can obtain the binary (install it as /sbin/ipfwadm with permissions 0755) from here.

4. As root, run the commands:

     $ ipfwadm -F -p deny
     $ ipfwadm -F -a accept -m -S 10.0.0.1
   

   This instructs the kernel to masquerade the IP address 10.0.0.1 over the network as your host's IP actual IP address.

5. Ensure that the stty settings for the Pilot cradle (or modem, or whatever) are correct. I use:

     $ stty 38400 < /dev/cua0
     $ stty sane < /dev/cua0
   

   The output of stty -a < /dev/cua0 should be:

   speed 38400 baud; rows 0; columns 0; line = 0;
   intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = ;
   eol2 = ; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W;
   lnext = ^V; flush = ^O; min = 1; time = 0;
   -parenb -parodd cs8 hupcl -cstopb cread clocal crtscts
   -ignbrk brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff
   -iuclc -ixany imaxbel
   opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
   isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt
   echoctl echoke
   

   If you have problems later on it is VERY likely that your stty settings are at fault!

6. Run this Perl script as root, with one argument -- the IP address of your Linux machine on the Ethernet. Edit the script first and modify the value of $remoteip to be the bogus IP address you have selected.

   For example, run the script as:

     $ ppup 128.32.44.56
   

   It looks like you need to re-run this script every time the PPP connection needs to be reestablished (for example, when the Pilot powers off). While browsing you might want to disable the power-off timeout of your Pilot.

7. Now, on the Pilot, go ahead and start up ProxiWeb and try to open up a page (like www.yahoo.com). The Pilot should prompt you to open a connection to the proxy; go ahead and do this, keep your fingers crossed, and hope it works.

Some debugging tips:

• You can add print statements to the ppup script to see if the script is getting anything from the Pilot (it should look like modem 'AT' commands, since the script is pretending to be a modem). If you don't see anything then there's a problem with the serial port settings (use stty), or perhaps the modem settings on the Pilot.
• You can use tcpdump -i ppp0 to see if anything is coming in over the PPP connection from the Pilot. The first things you should see are DNS lookups from ProxiWeb. If these aren't responded to then perhaps IP forwarding/masquerading is not working correctly. Use tcpdump -i eth0 (filtering the output of course) to see if the PPP packets are being masqueraded and forwarded properly over the Ethernet.
• If you look at /proc/net/ip_masquerade you should see entries for the bogus IP address of the Pilot which the kernel intends to Masquerade over the network. This will only show up after the first such packet, however, but if nothing ever appears here you know something's wrong with either the PPP connection or the IP masquerading setup.
• If you enable CONFIG_IP_FIREWALL_VERBOSE in your kernel, and use the -v option with ipfwadm, each packet being forwarded will be logged to the system logs.
• The Linux IP Masquerading Site has a lot of useful information.

Best of luck!