On Sun, 2003-02-23 at 12:27, Nathan E Norman wrote: > On Sun, Feb 23, 2003 at 11:13:24AM -0500, Scott Ehrlich wrote: > > [ top posting SUCKS ] >
[ self-righteousness SUCKS ] > > Other than the Firwall HOWTO I referenced, what other areas of my install > > should I look at, and how should the files/configuration appear? screw the firewall howto, look at this: http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html What you want is called NAT, or Network Address Translation. If you want the low-cholesterol version, check: http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-4.html#ss4.1 Of course, you _could_ let this 'ipmasq' package do it for you, and it probably does as good of a job as my own scripts, but it's good to know what's under the hood (and it ain't much). > > I'm first looking to establish successful routing. Once that is done, > > I'll worry about filtering, if desired. >From the aforementioned page: 4.1 I just want masquerading! Help! This is what most people want. If you have a dynamically allocated IP PPP dialup (if you don't know, this is you), you simply want to tell your box that all packets coming from your internal network should be made to look like they are coming from the PPP dialup box. # Load the NAT module (this pulls in all the others). modprobe iptable_nat # In the NAT table (-t nat), Append a rule (-A) after routing # (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to # MASQUERADE the connection (-j MASQUERADE). iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE # Turn on IP forwarding echo 1 > /proc/sys/net/ipv4/ip_forward Note that you are not doing any packet filtering here: for that, see the Packet Filtering HOWTO: `Mixing NAT and Packet Filtering'. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
