The IP Masquerade HOWTO is the document that contains instructions on understanding, configuring, and troubleshooting NAT or Network Address Translation for Linux. It covers topics such as IPTABLES, PORTFW, IPCHAINS, IPFWADM, stronger packet firewalls, multiple network segments, and configuring many client operating systems. It also has an extensive FAQ and troubleshooting section.
|Tags||Communications education Internet Security Installation/Setup Networking Firewalls Operating System Kernels Linux Systems Administration|
|Operating Systems||POSIX Linux|
Release Notes: Multiple new FAQ entries and sub-sections for advanced setups. The firewall ruleset names have been changed to reflect the base technology (like iptables or ipchains) and not reflect a kernel version (2.6.x kernels supports both iptables and ipchains). Some of the firewall rulesets have been updated to be a bit clearer.
Release Notes: A section on reducing the size of your logs and a commented firewall section for IRC users have been added. The firewall rulesets 0.80 (stronger) and 0.75 (basic) have been updated to use modprobe instead of insmod, and more comments have been added. Some broken URLs have been fixed.
Release Notes: This version deletes and updated many URLs throughout the HOWTO, updates the LooseUDP entry and adds how iptables fixes it, vastly expands the SYSLOG packet decoding section, updates the various firewall rulesets to use modprobe instead of insmod, adds a Clamp-MSS entry to the MTU FAQ section for PPPoE and other MTU-sufferers, and fixes a SGML parsing script that was screwing up "&&" characters.
Release Notes: Additional /proc entry testing was added to help users determine if their kernel is MASQ-ready. An EXTIP variable was added the 2.4.x PORTFW example, as several people were trying to use this with the BASIC ruleset and not the STRONGER ruleset. Mandrake and Gentoo were added to the MASQ compatibility list, and additional checking was added to the kernel compilation section to determine if your kernel supports IPMASQ via modules or by being statically compiled in.
Release Notes: This version adds Redhat 7.3 and 8.0 to the compatibility chart, fixes various typos, updates the 2.2.x H.323 kernel patch URL, and updates the 2.4.x kernel compiling section to let users know that most modern kernels don't need IPTABLES Patch-o-matic patches to be applied except to fix bugs or add additional functionality.