Re: Latest Mandrake

To: debian-devel@lists.debian.org
Subject: Re: Latest Mandrake
From: Paul Slootman <paul@debian.org>
Date: Mon, 18 Dec 2000 16:07:11 +0100
Message-id: <[🔎] 20001218160711.D22078@murphy.nl>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 878zpep92f.fsf@glaurung.green-gryphon.com>; from srivasta@debian.org on Sun, Dec 17, 2000 at 11:55:36PM -0600
References: <[🔎] 20001216005319.A11050@silly.cloud.net.au> <[🔎] 3A3A34A6.DB57172@cs.bilkent.edu.tr> <[🔎] 00121516293400.02313@dune> <[🔎] 3A3A41D1.A831F4C1@cs.bilkent.edu.tr> <[🔎] 20001215180142.13858.qmail@oak.oeko.net> <[🔎] 003101c06750$25f3c070$bddee23e@enode> <[🔎] 20001216155011.518.qmail@oak.oeko.net> <[🔎] 87elz83pak.fsf@glaurung.green-gryphon.com> <[🔎] 20001217194211.11458.qmail@oak.oeko.net> <[🔎] 878zpep92f.fsf@glaurung.green-gryphon.com>

On Sun 17 Dec 2000, Manoj Srivastava wrote:
> >>"Toni" == Toni Mueller <deb-l@tonimueller.org> writes:
> 
> 	You are not hanging out with the right people, then. All you
>  need to do to override the package's rules is:
> 
>  # cp filename.def filename.rule
>  # vi filename.rule

Actually, the extension is ".rul", not ".rule".

>  Toni> Administrating a set of ipmasq rules together with their
>  Toni> respective local exceptions imho is a major headache, and I
>  Toni> actually don't see the benefit using ipmasq with it's myriad of
>  Toni> config files (you need when trying to override the built-in
>  Toni> rules) compared with just running a script like

The cool thing about ipmasq is that it has a concept of what interfaces
are internal and which are external. Only packets going out on the
external interfaces are masqueraded. This is also very useful when there
is more than one external interface (e.g. I have a setup with multiple
dialout configurations over ISDN, each one has its own ipppX interface).

It takes just a little getting used to, but then it's very nice.  For
firewalling extra bits (e.g. only allow external connections to come in
to smtp and http, for example) you edit the rules for incoming external,
i.e. I90external.

And simply rerun "ipmasq" should your external interface get a new IP
address.

Paul Slootman
-- 
home:       paul@wurtel.demon.nl http://www.wurtel.demon.nl/
work:       paul@murphy.nl       http://www.murphy.nl/
debian:     paul@debian.org      http://www.debian.org/
isdn4linux: paul@isdn4linux.org  http://www.isdn4linux.org/

Reply to:

References:
- Re: Latest Mandrake
  - From: Hamish Moffatt <hamish@debian.org>
- Re: Latest Mandrake
  - From: "Eray Ozkural $exa$" <erayo@cs.bilkent.edu.tr>
- Re: Latest Mandrake
  - From: Mariusz Przygodzki <dune@home.pl>
- Re: Latest Mandrake
  - From: "Eray Ozkural $exa$" <erayo@cs.bilkent.edu.tr>
- Re: Latest Mandrake
  - From: Toni Mueller <deb-l@tonimueller.org>
- Re: Latest Mandrake
  - From: "Jens Müller" <jens@unfaehig.de>
- Re: Latest Mandrake
  - From: Toni Mueller <deb-l@tonimueller.org>
- Re: Latest Mandrake
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Latest Mandrake
  - From: Toni Mueller <deb-l@tonimueller.org>
- Re: Latest Mandrake
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: Packages in pool and woody
Next by Date: Re: testing to be implemented on ftp-master
Previous by thread: Re: Latest Mandrake
Next by thread: Re: Latest Mandrake
Index(es):
- Date
- Thread