[dropping individuals as recipients]
Quoting Sunil Mohan Adapa (2019-07-31 17:46:44)
> On 31/07/19 7:46 am, Wookey wrote:
> [...]
> >
> > What is the modern equivalent of 'ipmasq'? I still miss this tool on
> > a regular basis and loved what it did. I have not found a
> > replacement and forever end up looking up runes on the net and doing
> > it by hand with iptables. ('it' being setting up my machine to
> > listen on one interface (e.g. to a dev board) and forward everything
> > to/from the real internet (wifi or ethernet). ipmasq did agreat job
> > of hiding the previous transition from ipchains to iptables. I've
> > never heard of nftables which is apparently the new thing. Nor
> > firewalld - perhaps it would do what I want?
> >
> > For those too young to know, ipmasq basically does(did - removed in
> > 2009!) what the script on this page does for you:
> > https://debian-administration.org/article/23/Setting_up_a_simple_Debian_gateway
>
> I believe this is done in firewalld by assigning the outgoing network
> interface to 'external' zone and other network interfaces to
> 'internal' zone.
>
> Alternatively, setting 'masquerade=yes' property on the zone that is
> assigned outgoing network interfaces should achieve the same result.Alternatively, using systemd-networkd (i.e. not needing firewalld or network-manager or ifupdown) you can set IPMasquerade=yes for /etc/systemd/network/*.network profiles (see "man systemd.network") of each device that should be masqueraded (that is, the _opposite_ interfaces than the ones you would flag in firewalld). - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
