[dropping individuals as recipients]
Quoting Sunil Mohan Adapa (2019-07-31 17:46:44)
> On 31/07/19 7:46 am, Wookey wrote:
> [...]
> >
> > What is the modern equivalent of 'ipmasq'? I still miss this tool on
> > a regular basis and loved what it did. I have not found a
> > replacement and forever end up looking up runes on the net and doing
> > it by hand with iptables. ('it' being setting up my machine to
> > listen on one interface (e.g. to a dev board) and forward everything
> > to/from the real internet (wifi or ethernet). ipmasq did agreat job
> > of hiding the previous transition from ipchains to iptables. I've
> > never heard of nftables which is apparently the new thing. Nor
> > firewalld - perhaps it would do what I want?
> >
> > For those too young to know, ipmasq basically does(did - removed in
> > 2009!) what the script on this page does for you:
> > https://debian-administration.org/article/23/Setting_up_a_simple_Debian_gateway
>
> I believe this is done in firewalld by assigning the outgoing network
> interface to 'external' zone and other network interfaces to
> 'internal' zone.
>
> Alternatively, setting 'masquerade=yes' property on the zone that is
> assigned outgoing network interfaces should achieve the same result.
Alternatively, using systemd-networkd (i.e. not needing firewalld or
network-manager or ifupdown) you can set IPMasquerade=yes for
/etc/systemd/network/*.network profiles (see "man systemd.network") of
each device that should be masqueraded (that is, the _opposite_
interfaces than the ones you would flag in firewalld).
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature