Linux.com: Netfilter for IP Masquerade
Feb 12, 2001, 23:12 (3 Talkback[s])
(Other stories by Mike Baker)
Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame
"As of 2.4, ipchains is a thing of the past. The replacement for
ipchains is Netfilter's iptables. What does this mean to the end
user? Typically it means little beyond the fact that suddenly their
ipmasq script doesn't work. So, for starters let's get into setting
up ipmasq under 2.4.x kernels."
- "First, check that you've got network packet filtering enabled,
you'll find it under the networking options menu."
- "Enabling packet filtering will add a submenu lower down called
- "In the Netfilter's configuration menu be sure to enable
"Connection tracking", "IP Tables support" and "Full NAT"
"Connection tracking is a new feature of netfilter that allows
you to accept or deny a packet based on the state of the connection
rather than the strict allow/deny of ipchains. NAT of course stands
for Network Address Translation, the key feature behind IP
Masquerade. The other entries in this menu are optional, enable
them as you please and recompile the kernel if needed."
- Security Portal: Why Firewalls?(Jan 25, 2001)
- Security Portal: Linux Gets Stateful Firewalling - Introducing Netfilter (iptables)(Jan 22, 2001)
- Security Portal: Linux Firewalling and Port Behavior(Nov 02, 2000)
- Security Portal: Firewalls - Common Configuration Problems(Sep 06, 2000)
- Security Portal: Firewalls - Overview(Aug 24, 2000)
- LinuxPlanet: Linux Networking: Using Ipchains(Jul 24, 2000)
- Linux Magazine: Network Security With Linux 2.4(May 06, 2000)
- RootPrompt.org: Auditing Your Firewall Setup(Apr 10, 2000)
- LinuxHelp.net: IPtables Firewall Script(Mar 26, 2000)
- Computer Bits: Firewalling with iptables(Feb 28, 2000)