Hi John, Sorry - I must of misread your earlier post the ipmasq rules are in /etc/ipmasq/rules/. This directory the ruleset broken down into individual files (by rule type) to help with the maintenance and management of your firewalling rules (rather than one big script where evrythings chucked together). A definite improvement I think.
By default there should be a whole lot of .def files which give you an idea of how they work before tailoring them for your own requirements (by creating .rul files which will replace the .def's if they exist). Note: the order in which the rule files are invoked is controlled by the file prefix (i.e. A00.. is implemented before Z99...). I remember going through some document when I changed over - I will email a link when I dig it up ... ITMT - The references below may be of use also ... HTH Alan *** from the IPMASQ HOWTO The Linux IP Masquerade Resource is a website dedicated to Linux IP Masquerade information also maintained by David Ranch and Ambrose Au. It has the latest information related to IP Masquerade and may have information that is not being included in the HOWTO. You may find the Linux IP Masquerade Resource at the following locations: http://ipmasq.cjb.net/, Primary Site, redirected to http://ipmasq.cjb.net/ http://ipmasq2.cjb.net/, Secondary Site, redirected to http://www.geocities.com/SiliconValley/Heights/2288/ > Date: Sun, 13 Aug 2000 01:13:44 -0500 (CDT) > From: John Reinke <[EMAIL PROTECTED]> > To: debian-user@lists.debian.org > Subject: Re: Potato IP Masq > I've read the man pages, and they say nothing about ipchains or > ip_forwarding. Or, do those commands now belong in /etc/network/interfaces? > > > On Sun, 13 Aug 2000, Alan McNatty wrote: > > > check out /etc/netgwork/interfaces (man interfaces, if-up, and if-down) > > HTH > > > > ----- Original Message ----- > > From: John Reinke <[EMAIL PROTECTED]> > > > > > Along with setting up my network doing it the "Potato Way", I'm not sure > > > where to put the ipchains and /proc/sys/net/ipv4/ip_forward commands that > > > I used in /etc/init.d/network for Slink. I didn't see this in the > > > documentation. > > > > > > It looks like the ip_forward can be set in /etc/network/options, but where > > > does the rest go? > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > Alan McNatty ([EMAIL PROTECTED]) Catalyst IT Limited http://www.catalyst.net.nz Level 22 Morrison Kent House, 105 The Terrace PO Box 10-225 Wellington, New Zealand Ph 64 4 4992267 Fx 64 4 4995596
