[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipmasq and howto

From: Oswald Buddenhagen <ob6@inf.tu-dresden.de>

>> (Now I'm trying to figure out what's made the difference -- why it is
>> that previously I was seeing specific entries with 'ipchains -M -L'
>> and now I'm not...possibly something's been updated, dunno; as long 
>> as things keep working, I'm planning not to worry about it too much.

> RTFM!!! 

(I did, thank you; many times -- the man pages, the HOW-TO pages,
and everything I could find, short of daring to ask anyone who might
react by belching forth, "RTFM!!!")

>man ipchains clearly states:
>        -M, --masquerading
>               This option allows viewing of  the  currently  mas­
>               queraded  connections  (in  conjuction  with the -L
>               option) or to set the kernel masqerading parameters
>               (with the -S option).
> The emphasis lies on "currently*"! That is, only if a masqueraded host
> hast open connections, something will show up!

Hmm; the actual emphasis lies on "connections which are currently
masqueraded".  The word "open" was filled-in for you by your
already-existing understanding of what's going on; it's not present in the
text I was poring over and that you've quoted.  

My understanding had reached this far:  "Routes exist when no traffic is
moving on them; therefore 'currently masqueraded connections' could mean
'those pathways I've indicated in a masquerading rule, whether there's
traffic on them right now or not'."

Thank you for helping clarify the distinction.

 -- Jeff --   <http://www.wellnow.com>

 "There's nothing left in the world to prove.  All that's worth doing
  is to love one another, using whatever means are available to serve."

Reply to: