Re: IP-Masquerade

To: Mario Olimpio de Menezes <mario@curiango.ipen.br>
Cc: Debian Users Mailing List <debian-user@lists.debian.org>
Subject: Re: IP-Masquerade
From: Guilherme Soares Zahn <gzahn@cnen.gov.br>
Date: Wed, 18 Aug 1999 09:53:05 -0300
Message-id: <[🔎] 37BAACB1.292C660C@cnen.gov.br>
References: <[🔎] Pine.LNX.3.96.990818090238.2732C-100000@curiango.ipen.br>

> > The HOWTO suggested I should try something like
> >
> > ipfwadm -F -p deny (setting 'deny' as the default rule)
> > ipfwadm -F -a masquerade -P tcp 192.168.0.0/255.255.0.0 -D 0.0.0.0/0
>                                               ^^^^^^^^^^^
> is there a typo here or you're using the entire range from 192.168.0 to
> 192.168.255. If you're using one C class (192.168.0.0), your mask should
> be 255.255.255.0 (or 192.168.0.0/24).

Nope... we have at least four C classes from that router (192.168.10.0,
192.168.11.0, 193.160.12.0, 192.168.13.0), so I decided to try the more
general approach just to make things easier... I'll try to follow some of the
other suggestions, though, just to make the setup 'cleaner' (I think that
specially using the '-W eth# should make the whole setting match my needs,
allowing ONLY calls from the internal networks to be masqueraded... ;-)

> Just curious: você não está utilizando o potato? Kernel 2.3.x? Por que não
> utiliza o ipchains? (sorry all others :)

No, potato & kernel 2.3.x are in my personal machine... the router has a much
more 'conservative' setup ;-)

Thanks for your support, everybody!!!

Guilherme Zahn

Reply to:

References:
- Re: IP-Masquerade
  - From: Mario Olimpio de Menezes <mario@curiango.ipen.br>

Prev by Date: a request for a copy of your linux
Next by Date: Re: Printing problem
Previous by thread: Re: IP-Masquerade
Next by thread: Apache: unable to use authentification
Index(es):
- Date
- Thread