Linux Today: Linux News On Internet Time.

Linux.com: Netfilter for IP Masquerade

Feb 12, 2001, 23:12 (3 Talkback[s])
(Other stories by Mike Baker)

"As of 2.4, ipchains is a thing of the past. The replacement for ipchains is Netfilter's iptables. What does this mean to the end user? Typically it means little beyond the fact that suddenly their ipmasq script doesn't work. So, for starters let's get into setting up ipmasq under 2.4.x kernels."

  • "First, check that you've got network packet filtering enabled, you'll find it under the networking options menu."
  • "Enabling packet filtering will add a submenu lower down called Netfilter configuration."
  • "In the Netfilter's configuration menu be sure to enable "Connection tracking", "IP Tables support" and "Full NAT" support."

"Connection tracking is a new feature of netfilter that allows you to accept or deny a packet based on the state of the connection rather than the strict allow/deny of ipchains. NAT of course stands for Network Address Translation, the key feature behind IP Masquerade. The other entries in this menu are optional, enable them as you please and recompile the kernel if needed."

Complete Story

Related Stories: