Re: Proposal: Network configuration file format

[Brian Bassett <brianb@mail.wsu.edu>]

Rene Mayrhofer wrote:
> 
> Brian Bassett wrote:
> > <PLUG TYPE=shameless> Yeah, but why reinvent the wheel when ipmasq does
> > this kinda stuff already? </PLUG>
> My main point is that I want to use named network definitions. These
> definitions should be the same as used for the routing entries and
> therfore I thought of naming the networks at the same stage where
> interfaces are defined. I am not very familiar with ipmasq. Are these
> named network definitions possible ? Is ipmasq aimed for easy setups or
> for general ipchains rule definitions ?

Actually, ipmasq is designed as a way to securely initialize a
forwarding firewall setup using IP Masquerade.  It deals in interface
names (eg "eth0", "ppp0", etc.) and relies on whether an interface is
external (ie connects with an outside network) or internal (ie connects
to a network you want to masquerade).  It has enough smarts to deal with
common setups, but makes it easy to override portions of the firewall
rules for the paranoid and easy to override ipmasq's sense of what
networks are internal and external.  All it's missing right now is a
good set of documentation, but I'm working on that right now.

To borrow a phrase from the Perl scene, it makes the easy stuff cake,
and the hard stuff possible.

Brian