SLIP, RS232 network link

Linux & Windows TCP/IP network connected to RS232 SLIP network via SuSE 9.0 gateway.

This article describes how a computer equipped only with a serial port was attached to a local area network.

Content revision history:
Article first written, 23rd August 2006.
Picture added, 5th September 2009.
Text revised for clarity, 6th September 2009.

Background information

The author needed to connect a computer embedded within some equipment to an in-house network so that the equipment could be monitored remotely using software running on a personal computer. However since the embedded computer had no ethernet interface it was necessary to somehow give it a network connection via its on-board RS232 serial port. Accordingly the embedded computer was connected to another, ordinary computer via an RS232 connection and then the ordinary computer was In order to find a solution it was decided configured to act as a gateway machine to the wider world.

The gateway machine firewall

AberMawr, the fire breathing dragon and close friend of BitWise the penguin.
The proper way to make a firewall (but not for sissies). This is AberMawr the Welsh dragon, a close friend of BitWise the penguin. Yes, it is real fire. No, it isn't Photoshopped. He scorched the leaves of the pot plant and very nearly burned his own nose.

The gateway machine was running version 9.0 of SuSE GNU/Linux and was already acting as a gateway between two ethernet based networks. This machine had a single serial port and two ethernet ports. The SuSE firewall was running. The two ethernet adapters had already been assigned IP addresses. The adapter facing the internal network had IP address 192.168.1.11 and the adapter facing the external (big wide world) network had IP address 192.168.0.11. The SuSEfirewall2 software was already configured correctly for these two ethernet adapters and their respective functions. However the SuSEfirewall2 software had no way of knowing about the serial port device that was to be added.

It was necessary to edit the configuration file for the SuSE firewall software. This file was located at /etc/sysconfig/SuSEfirewall2 but can be edited using the YaST configuration tool.

Within the above file, the parameter strings for the FW_FORWARD and FW_DEV_INT parameters had to be changed:

Original line:

FW_FORWARD=""

Revised line:

FW_FORWARD="192.168.2.0/25,192.168.1.0/24  192.168.1.0/24,192.168.2.0/24"

The above revised line informs the gateway that it is allowed to forwarded traffic between sub domain 192.168.1 and subdomain 192.168.2 in either direction.

Original line:

FW_DEV_INT="eth1"

Revised line:

FW_DEV_INT="eth1 sl0"

The above revised line informs the firewall software that eth1 and sl0 are both trusted network interfaces.

The gateway machine serial port

The serial port for the gateway was configured using the following three instructions:

slattach /dev/ttyS0 -p slip -s 9600 -dL &
ifconfig sl0 192.168.2.11/24
ifconfig sl0 192.168.2.11/24

The ifconfig instruction had to be given twice before it would be accepted. Obviously this implies that something somewhere isn't quite right but, so far, I haven't worked out what. After issuing the above instructions it was necessary to restart the firewall so that it would be able to apply the rules to the now existing device sl0. The firewall was restarted with the following instruction:

rcSuSEfirewall2 restart

The case of the letters is significant and so the instruction must be given exactly as shown.

The remote computer serial port

The serial port for the remote computer was configured using the following three instructions:
slattach /dev/ttyS0 -p slip -s 9600 -dL &
ifconfig sl0 192.168.2.40/24
ifconfig sl0 192.168.2.40/24

These are the same instructions as were used for the gateway machine with the only difference being the IP number used. Again, the ifconfig instruction had to be given twice before it would be accepted.

The cable

The computers were connected with a cable with a 25-pin D shell at either end and with the pins joined as follows:

pin 1 to pin 1
pin 2 to pin 3
pin 3 to pin 2
Pin 4 to pin 5
pin 5 to pin 4

In other words Rx connected to Tx, RTS to CTS, and the signal grounds joined too.

Testing

At this point it was possible to ping the gateway from remote computer and vice versa:

From gateway computer: ping 192.168.2.40
From remote computer: ping 192.168.2.11

It was also possible to issue pings between the remote computer and some other computer on the internal network, for example the internal file server had IP address 192.168.1.131, so

From the remote computer: ping 192.168.1.31
and from internal file server: ping 192.168.2.40

 

Navigation: (site map) learn linux home pagetechnical articles