Re: ip masquerade : which one?

To: D-Man <dsh8290@rit.edu>
Cc: debian-user@lists.debian.org
Subject: Re: ip masquerade : which one?
From: Chun Kit Edwin Lau <lauedwin@sympatico.ca>
Date: Mon, 16 Apr 2001 20:01:31 -0400
Message-id: <[🔎] 20010416200131.C1383@Mercury>
In-reply-to: <[🔎] 20010416190740.E16@harmony.cs.rit.edu>; from dsh8290@rit.edu on Mon, Apr 16, 2001 at 19:07:40 -0400
References: <[🔎] 20010416163526.B29717@harmony.cs.rit.edu> <[🔎] 20010417003830.B18198@tekilla.homeip.net> <[🔎] 20010416190740.E16@harmony.cs.rit.edu>

Hi

	Yes, both ipchain and ipmasq about roughly the same things but I
think ipchain is a newer with more features and mainly for 2.2 kernel. (I
think ipmasq for 2.0 kernel, but I am not sure). For 2.4 kernel, iptable is
the recommended one.  All these tools do packet filtering AFAIK. This
packet filtering function is used in masquerading.

Firewalling and Masquerading are similar things but not the same thing. A
firewall is a computer that prevent direct connection between the outside
world and the inside world. Masquenerading computer is a computer that make
the outgoing traffic (from within the lan) looks like it was generated from
the masquerading computer. Hence, no one knows if there is any computer
behind the masqueranding computer.

Hope that helps

Edwin Lau

On Mon, 16 Apr 2001 19:07:40 D-Man wrote:
> On Tue, Apr 17, 2001 at 12:38:30AM +0200, Willi Dyck wrote:
> | On Mon, Apr 16, 2001 at 04:35:26PM -0400, D-Man wrote:
> | > 
> | > I see there are 2 HOWTOS for IP Masquerading and (correspondingly) 2
> | > packages.  Should I be looking at "ipmasq" or "ipchains"?  How much
> | 
> | If you're using kernel versions older than 2.4.0 you're about to use
> | ipchains. The IPCHAINS HOWTO explains how to install and
> | configure ip-firewalling chains software. And the IP-Masquerading HOWTO
> | explains how to enable IP-Masq under Linux.
> 
> This doesn't quite answer my question, but it might be heading in the
> right direction.  I want to know the difference between ipchains and
> ipmasq.  Would I be correct if I said :
>     Firewalling and Masquerading are 2 different things, handled by 2
>     different apps, and I want both ipchains and ipmasq?
> 
> | > breakage (aka relearning) would I need to do if I went with a 2.4
> | > kernel and iptables instead?  (I don't know the masq stuff yet so
> that
> | > would only be 'learning', not 'relearning',  but how much other stuff
> | > is radically different?)
> | 
> | I'd say, if you haven't dealt with ipchains nor iptables then you
> should
> | take the time and learn iptables, because in the long run it'll remain.
> | They both differ a little but are very similar. Check this one for
> | more information on iptables:
> | 
> | http://netfilter.filewatcher.org/
> | 
> | The netfileter HOWTO also explains the difference between iptables and
> | ipcahins.
> 
> The line :
> 
>  MASQ is now MASQUERADE
> 
> seems to indicate that ipchains and iptables both handle masquerading.
> If that is true, how does the ipmasq package fit in with this?
> 
> Thanks for the info,
> -D
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> 
> 

Edwin Lau (lauedw@waves.utoronto.ca)

Reply to:

References:
- ip masquerade : which one?
  - From: D-Man <dsh8290@rit.edu>
- Re: ip masquerade : which one?
  - From: Willi Dyck <flateric@tekilla.homeip.net>
- Re: ip masquerade : which one?
  - From: D-Man <dsh8290@rit.edu>

Prev by Date: Re: atp-get upgrade scrued up my installation
Next by Date: Re: ip masquerade : which one?
Previous by thread: Re: ip masquerade : which one?
Next by thread: Re: ip masquerade : which one?
Index(es):
- Date
- Thread