On Fri, Mar 31, 2000 at 06:48:19PM +0200, Philip Lehman wrote: > > I'm trying to set up IP masquerading on a slink/potato box which is > supposed to route the traffic on my home LAN over an ISDN dial-up > line. I have to admit that I have no experience with advanced > networking of this kind. > > I read the IP masquerading HOWTO. It suggests a sample "rc.firewall" > script to set up masquerading and simple firewalling. It appears to me > that this interferes with the /etc/init.d/* scripts used by related > Debian packages, and I'd rather do it the Debian way. > I would recommend installing the ipmasq package, which is reasonably smart and will usually set up IP masquerading for you automatically.
> rc.firewall wants to run: > # echo "1" > /proc/sys/net/ipv4/ip_forward > # echo "1" > /proc/sys/net/ipv4/ip_dynaddr > > I haven't found this in any other script in /etc/init.d/*. What's the > default way to do this? Write my own script? > Yes. > And it wants to run: > # /sbin/ipfwadm -F -p deny > # /sbin/ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0 > > I guess this is what /etc/init.d/ipmasq is for, but I'm feeling lost > as far as the configuration is concerned. The postinstall script asked > for the client IPs on the LAN and I entered that, but where is this > stored? Do I have to do anything in addition to that, or can I rely on > the defaults? I don't need anything fancy, but the setup should be > halfway secure. > Have a look in /etc/ipmasq directory. If you are running slink, you may want to install the ipmasq from potato, which may be a bit smarter. Pete
