Re: Is ipmasq worth it?
In short, it is worth it.
You can change firewall state in one stroke.
You can change upstream ISP connection while maintaining your firewall.
Works for 2.2 and 2.4 kernels.
"ipmasq -v" shall give youactual script.
Script is similar to sysv init script so anyone can understand.
New ipmasq comes with stronger firewalling example (I wtrote it and
available in unstable version of ipmasq)
On Tue, Jan 08, 2002 at 02:36:40PM -0500, Jason Stechschulte wrote:
[...]
> My question:
> Is ipmasq really worth using? It almost seems more difficult keeping
> track of multiple .rul files, plus ipmasq has many .def files that seem
> to set up rules also. From the looks of it, it seems like it may be
> easier to just set it all up manually myself and have full control over
> everything rather than having to learn to do things the ipmasq way.
Are you creating transparent proxy or port forwarding?
Otherwise, you leave it as is.
For packet firewalling, use Stronger example so you edit only
configuration file. Sorry not much documentation there but it is a
simple script :)
> Does anyone else have thoughts on this? Many of the example iptables
> scripts have everything in one file, which would probably make
> maintaining it much simpler.
For learning purpose, yes go ahead but to make good filter as ipmasq,
you have long way to go.
>From what I read, the biggest advantage of
> ipmasq is that it starts everything automatically for you and without
> it, you would have to write something to load your rules. I really
> don't see this as a problem, though, so does anyone have any
> suggestions? Should I ditch ipmasq and do things manually or learn the
> ipmasq way?
Learn iptables command and lern ipmasq script.
--
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Osamu Aoki <debian@aokiconsulting.com> @ Cupertino, CA USA +
Reply to: