Re: NAT/MASQ in single NIC
re,
Osamu Aoki(debian@aokiconsulting.com)@Wed, Feb 28, 2001 at 12:42:23PM -0800:
> Well .. I danno... Never done it. Just a thoght which may work.
>
> Seriously, PCI NIC costs only $20 these days. I have 2 NICs and MASQ
> them to access Cable and LAN. It will act as good firewall too.
If you only have one nic, you can still masq, it's not a problem if you _just want to masq_.
Security wise it's not much of a gain, but it helps getting online with a couple of computers.
What you should do is :
--
# ifconfig eth0:0 192.168.1.1 netmask 255.255.255.0
# route add -net 192.168.1.0 netmask 255.255.255.0 eth0:0
# echo 1 > /proc/sys/net/ipv4/ip_forward
# ipchains -A forward -s 192.168.1.0/255.255.255.255 -d 0/0 -j MASQ
--
Now you should be able to masq, just don't forget to point your client machines their default gw to 192.168.1.1
Note: I just want to say again: for security you need two nics!
--
People using html in email should be shot.
Opinions are like assholes -- everyone's got one, but nobody wants to
look at the other guy's.
-- Hal Hickman
By US Code Title 47, Sec.227(a)(2)(B), a computer/modem/printer meets the definition of a telephone fax machine. By Sec.227(b)(1)(C), it is unlawful to send any unsolicited advertisement to such equipment. By Sec.227(b)(3)(C), a violation of the aforementioned Section is punishable by action to recover actual monetary loss, or $500, whichever is greater, for each violation.
Reply to: