Am So, den 04.01.2004 schrieb Rich Stanford um 19:25: > My firewall script does it for me with a simple line: > > echo 1 > /proc/sys/net/ipv4/ip_forward > > Now, granted this works with a firewall script that I wrote and use myself to > protect my system: a single Linux box (currently RH9) serves as a router > and firewall for 5 internal machines (2 WinXP, 3 Linux). > > Rich [ shnipped original posting due to bad top-posting :( ] Rich, you are wrong. Setting the kernel register ip_forward to 1 does nothing what is called masquerading. It only lets pass IP traffic from one device to another through the kernel. It has no masquerading functionality at all. Btw. that setting should be better set in /etc/sysctl.conf, if it is not already there. If you want masquerading then you need an iptables rule like: iptables -A POSTROUTING -o ppp0 -j MASQUERADE where ppp0 in this example is the outgoing interface. Alexander -- Alexander Dalloz | Enger, Germany PGP key valid: made 13.07.1999 PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
