On 31/07/19 7:46 am, Wookey wrote:
[...]
>
> What is the modern equivalent of 'ipmasq'? I still miss this tool on a
> regular basis and loved what it did. I have not found a replacement
> and forever end up looking up runes on the net and doing it by hand
> with iptables. ('it' being setting up my machine to listen on
> one interface (e.g. to a dev board) and forward everything to/from the
> real internet (wifi or ethernet). ipmasq did agreat job of hiding the
> previous transition from ipchains to iptables. I've never heard of
> nftables which is apparently the new thing. Nor firewalld - perhaps it
> would do what I want?
>
> For those too young to know, ipmasq basically does(did - removed in
> 2009!) what the script on this page does for you:
> https://debian-administration.org/article/23/Setting_up_a_simple_Debian_gateway
I believe this is done in firewalld by assigning the outgoing network
interface to 'external' zone and other network interfaces to 'internal'
zone.
Alternatively, setting 'masquerade=yes' property on the zone that is
assigned outgoing network interfaces should achieve the same result.
--
Sunil
Attachment:
signature.asc
Description: OpenPGP digital signature