* Daniel D Jones (ddjones@riddlemaster.org) [020514 13:02]: > I'm setting up a machine to work as NAT/gateway/proxy server for my home > lan. I compiled the kernel and included NAT and the various network > components as part of the kernel rather than as modules. I then > installed ipmasq. > > NAT certainly seems to be working. Machines with a 192.168.1.? IP are > able to surf the net. > > I'd now like to set up some IPMASQ rules to control what certain > computers are able to access (that is, limit what my son's computer can > access.) In order to see what's going on, I run > > netstat -anM > > I get the error message "no support for ip_masquerade on this system" > > Is this because I have the networking components compiled in rather than > implemented as modules, because I'm using ipmasq rather than straight > iptables, or something else? I think it's because that only works for old 2.2 kernels using MASQUERADE, not newer netfilter kernels using NAT. Try this instead: cat /proc/net/ip_conntrack good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume.shtml
Attachment:
pgp6fJNDbTJ63.pgp
Description: PGP signature