Re: Fedora IP Masquerading

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am So, den 04.01.2004 schrieb Rich Stanford um 19:25:
> My firewall script does it for me with a simple line:
> 
> echo 1 > /proc/sys/net/ipv4/ip_forward
> 
> Now, granted this works with a firewall script that I wrote and use myself to 
> protect my system:  a single Linux box (currently RH9)  serves as a router 
> and firewall for 5 internal machines (2 WinXP, 3 Linux).
> 
> Rich

[ shnipped original posting due to bad top-posting :( ]

Rich,

you are wrong. Setting the kernel register ip_forward to 1 does nothing
what is called masquerading. It only lets pass IP traffic from one
device to another through the kernel. It has no masquerading
functionality at all.

Btw. that setting should be better set in /etc/sysctl.conf, if it is not
already there.

If you want masquerading then you need an iptables rule like:

iptables -A POSTROUTING -o ppp0 -j MASQUERADE

where ppp0 in this example is the outgoing interface.

Alexander


-- 
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux