








		     Linux IP Masquerade mini HOWTO Ķ

		     @: Ambrose Au ambrose@writeme.com

		    Ķ: Asd L. Chen asdchen@ms1.hinet.net

	      v1.20, 10 November 1997 ½Ķ: 19 November 1997



				   Abstract

     oyzpb@x Linux DW_ IP Masquerade
     \A\SUں IP }suqgѧA Linux
     sںD



1.  ²

1.1  ²

oyzpb@x Linux  DW_ IP Masquerade
\A\SUں IP }suqgѧA Linux
sںDAiOHAӺs Linux,
]iO䥦AOII(ppp)
suDoN|jդAӺsupA]oӬO̱`רҡD

     oɦVϥ 2.0.x  ֤ߪϥΪ̰ѦҡA]toi 2.1.x
     ֤ߡD

1.2  eA^X & ѦҸT

ڵo{sbs֤ߤWAO 2.x  ֤ߡA]w IP Masguerade
ɫD`xbDM`ݵ(FAQ) PlC(mailing
list)AMӨS@o譱MFӥBblCWǹoˤ@(HOWTO)
ШDDҥHAڨMwgҦs@@Ӱ_IAåBƱ߿jޥɡA@ǫD`FѥϥΪ̫إߤ󪺰¦DpGA{ڰnAnbNiDڡAo˧گ⥦onD

oܦhOH Ken Eves `ݵH IP Masquerade
lC̳\hUT@¦DSOP  Mr. Matthew Driver
blCT޵oڳ] IP Masquerade FPHγ̫ἶgFoD

pGڪT~ο|TAЧON^XηNH
ambrose@writeme.com ӡDAL^XNvTӪo!

oOQ@A IP Masquerade  b̵uɶB@ֳtޡD
]ڤO@M@aAAi|o{󪺸TëDpAQ@Ϋ[D
̷sHθTiHbکҺ@ IP Masquerade Resource1  WD
pGA IP Masquerade	޳NDAХ[J IP Masquerade

____________________

1. <URL:http://ipmasq.home.ml.org/>

Linux IP Masquerade mini HOWTO Ķ					      1





Linux IP Masquerade mini HOWTO Ķ					      2



lCӧOHqll󵹧ڡA]ڪɶAӥB IP Masquerade
oi̧̭󦳯O^ADD

o̷siHb IP Masquerade Resource WA̭] HTML H
postscript :

    http://ipmasq.home.ml.org/

    аѦ IP Masquerade Resource MgxC2  H䥦MgxD

1.3  v & ŧi

ovݩ Ambrose Au, ӥBOKODAiHb GNU
qΤ}v覡UD

o󤤪T䥦ewgɤFڳ̤jVODLצpAIP Masquerade
OʪAӥBڤ]i|Ǩǿ~FҥHAӦۤvMwOOnӵ۳o󤤪TD

SH|ϥγo󤤪TҳyqlaΨ䥦ltdD]NOA

     @̷̤ӳo󤺮eʧ@ҳyl`tdD



This document is copyright(c) 1996 Ambrose Au, and it's a free document. You
can redistribute it under the terms of the GNU General Public License.

The information and other contents in this document are to the best of my
knowledge. However, ip_masq is experimental, and there is chance that I make
mistakes as well; so you should determine if you want to follow the information
in this document.

Nobody is responsible for any damage on your computers and any other losses by
using the information on this document. i.e.

     THE AUTHOR IS NOT RESPONSIBLE FOR ANY DAMAGES INCURRED DUE TO ACTIONS
     TAKEN BASED ON THE INFORMATION IN THIS DOCUMENT.


2.  I

2.1  O IP Masquerade?

IP Masquerade O Linux	oi@غ\DpG@x Linux Dϥ IP Mas
querade
\suںWA򱵤Wq]׬ObP@ӰϰWǥѼƾھsu^]iHĲںAYϥ̨Sow
IP }D

oϱo@ǹqiHæbhD(gateway)
tΫ᭱sںӤQo{Aݰ_ӴNuoӨtΦbϥκںD}]w}n(mas
querade)tΤw@ӷ|}}nʥ]Lo(packet filter

____________________

2. <URL:http://ipmasq.home.ml.org/index.html#mirror>







Linux IP Masquerade mini HOWTO Ķ					      3



firewall)ӱo[x]]̤S~^D

2.2  {p

IP Masquerade Mb綥qDLצpA֤߱q 1.3.x
}lwgسo䴩D\hӤHƦܤqbϥΥAӦNGD

sHλñJ(telnet)wg^ܥiHb IP Masquerade
WB@Dɮ׶ǿ(FTP)A(IRC) Hβť Real Audio
{biHJYǼҲհtXD䥦ƬyT (streaming audio) O True
Speech	H Internet Wave
]B@D@ǶlCϥι٦ƦٹչLT|ĳnD Ping
{btXsiHoںTw(ICMP)׸ɤ]B@D

󧹾㪺䴩nCаѦ 4.3 `D

IP Masquerade bƺؤP@~tΤΥOWP 'Ȥݾ'
tX}nD\רҦϥ Unix, Windows95, Windows NT, Windows for Workgroup
(with TCP/IP package), OS/2, Macintosh System's OS with Mac TCP, Mac Open
Transport, DOS with NCSA Telnet package, VAX, Alpha with Linux, Ʀ Amiga with
AmiTCP  AS225-stack tΡD

2.3  ֥iHq IP Masquerade q?

    pGAxsں Linux DAӥB

    pGA@ǰ TCP/IP s Linux qbϰWAH/άO

    pGA Linux D@ӥHWƾھåB@ PPP  SLIP
     As䥦qA

    oǨ䥦Sw IP
     }D]oǾqo̶}lHN٬䥦^

    ӥBMApGAƱoǨ䥦B~OδNsWں :)

2.4  ֤ݭn IP Masquerade?

    pGAOW@x(stand-alone) sں Linux DA IP
     Masquerade SNqAΪ

    pGA䥦֦w IP }AANݭn IP Masquerade

    ӥBMApGAwKOϥ(free ride) oӥDNܡD

2.5  IP Masquerade OpB@?

` Ken eves  IP Masquerade FAQ:














Linux IP Masquerade mini HOWTO Ķ					      4



       oOj²檺]w:

	  SLIP/PPP	   +------------+			  +-------------+
	  to provider	   |  Linux	|	SLIP/PPP	  | Anybox	|
	 <---------- modem1|		|modem2 ----------- modem |		|
	   111.222.333.444 |		|	    192.168.1.100 |		|
			   +------------+			  +-------------+

	       WϤ@xw˨ð ip_masquerading   Linux
	   ϥ modem1 g SLIP/or/PPP  sںD@
	   w IP } 111.222.333.444D]w modem2 \
	   ñJð_l SLIP/or/PPP  sD

	       ĤGӨtΡ]O Linux  tΡ^iJ Linux
	   ð_l SLIP/or/PPP  sDbںWèSw
	   IP  }ҥHϥ 192.168.1.100D]Ѿ\Uz^

	       tX ip_masquerade  ξAetm(routing configured)
	   Anybox  oxiHںyNpPusbW
	   ]Fּƨҥ~^D

       ` Pauline Middelink:
	   OѰO ANYBOX ӧ Linux  @hD]L׬O
	   w]e|ΥuOӤlSY^DpG ANYBOX 
	   o˳]A Linux  ӬҦne}Nz}ѪR
	   Rw(proxy arp) AȡANz}ѪR]wWLo
	   dD

       U` comp.os.linux.networking @giåBy[sH
       ŦXWzdҪε:

       CڧiD ANYBOX ox] slip  linux  OhDD
       C@ӫʥ]q ANYBOX iJ linux  ɡA|wsӷ
	 (source port number)A⥦ۤv ip }Jʥ]Y
	 xsӪDMᥦN|ǥ SLIP/or/PPP  ɭקLʥ]
	 eWںD
       C@ӫʥ]qںӨ linux  ɡApG𸹬OWw
	 䤤@ӡAN|XӪ𸹥H ip }A⥦̩^
	 ]YAåBʥ]e ANYBOX D
       CeXʥ]DNûD䤤tOD

@ IP Masquerading Ҥl:

UϥܬO嫬Ҥl:-


















Linux IP Masquerade mini HOWTO Ķ					      5



	 +----------+
	 |	    |  Ethernet
	 | abox     |::::::
	 |	    |2	  :192.168.1.x
	 +----------+	  :
			  :   +----------+   PPP
	 +----------+	  :  1|  Linux	 |   link
	 |	    |	  ::::| masq-gate|:::::::::// Internet
	 | bbox     |::::::   | 	 |
	 |	    |3	  :   +----------+
	 +----------+	  :
			  :
	 +----------+	  :
	 |	    |	  :
	 | cbox     |::::::
	 |	    |4
	 +----------+


	 <-Internal Network->


boӨҤlڭ̦Ҽ{|xqtΡ]Qk٦ǪFAں IP
susAHΤ@ǡ]WLo@^bںWA洫TF^D
o Linux t masq-gate O abox, bbox, cbox
sں˹hDD ϥΫwp(private)
}AboӮרҤO class C  192.168.1.0, Linux ֦}
192.168.1.1  Ө䥦tΤ]֦W}D

oTx abox, bbox H cbox (̥iH@~t  O Windows 95,
Macintosh MacTCP άƦܬOt@x Linux Aun̯F
IP)iHsuںW䥦hAMӳoӰ˨tιhD masq-gate
ഫ̩ҦsuҥHoǳsuݰ_ӹO쥻Yq˹hD masq-gate
oXAӥB٦wư˳suǦ^^t 
ҥHbWtάݨ쪺Oqںe|ӥBDL̪ƳQ˹LD

2.6  b Linux 2.x  Wϥ IP Masquerade  ݨD

      ** аѦ IP Masquerade Resource3  Ho̷sTA]g`so
     HOWTO OxD **

    ֤ 2.0.x l{XiHqǫo ftp://ftp.funet.fi/pub/Linux/ker
     nel/src/v2.0/

     (OAANotX[J@Ǥ䴩ӽsĶA֤.... ĳ̷síw)

    iJ֤߼ҲաA̦nO 2.0.0 ΧsAiHqǫo
     http://www.pi.se/blox/modules/modules-2.0.0.tar.gz

     (ܤֻݭn modules-1.3.57)


____________________

3. <URL:http://ipmasq.home.ml.org/>







Linux IP Masquerade mini HOWTO Ķ					      6



    ]w}n TCP/IP 

     [\ Linux NET-2 HOWTO4	κ޲z̫(Network Administrator's Guide)
     Network Administrator's Guide5

    A Linux Dںsu

     [\ Linux ISP Hookup HOWTO6 , Linux PPP HOWTO H Linux PPP-over-ISDN
     mini-HOWTO7

    Ipfwadm 2.3 ΧsiHqǫo

     ftp://ftp.xos.nl/pub/linux/ipfwadm/ipfwadm-2.3.tar.gz b Linux Ipfwadm
     Wh󪩥T Linux Ipfwadm page8

    AiHܩʦa[W@ IP Masquerade ׸ɥHW[䥦\D
     qo̥iHhTA IP Masquerade Resources9	(oǭ׸ɾAΩҦ
     2.0.x  ֤)


3.  IP Masquerade ]w

     pGApκ̦󭫭nTAbϥ IP Masquerade
     eФTDoiনAqںhDAϤMA]iনt@䪺@ɶiJApκ~|D

3.1  sĶ֤ߥ[J IP Masquerade 䴩

      ** аѦ IP Masquerade Resource10  Ho̷sTA]g`so
     HOWTO OxD **

    AAݭn֤ߪl{X(̦nOíw@2.0.0 ΥHW֤)

    pGoOAĤ@sĶ֤ߡAn`ȡDƹWAoD`eӥB[\ Linux
     Kernel HOWTO

    ϥΫO: tar xvzf linux-2.0.x.tar.gz -C /usr/src ֤ߪl{XѦ
     /usr/src/A䤤 x O 2.0 ᪺׸ɼh

      (TwӺ٬ linux ؿβŸ쵲)

____________________

4. <URL:http://www.caldera.com/LDP/HOWTO/NET-2-HOWTO.html>

5. <URL:http://linuxwww.db.erau.edu/NAG/>

6. <URL:http://www.caldera.com/LDP/HOWTO/ISP-Hookup-HOWTO.html>

7. <URL:http://www.caldera.com/LDP/HOWTO/mini/PPP-over-ISDN>

8. <URL:http://www.xos.nl/linux/ipfwadm/>

9. <URL:http://ipmasq.home.ml.org/>

10.<URL:http://ipmasq.home.ml.org/>







Linux IP Masquerade mini HOWTO Ķ					      7



    [WA׸ɡD]s׸ɤ_XӡAҥHӸ`|]tbo̡D̷sTаѦ
     IP Masquerade Resources11

    sĶ֤ߧi@BнаѦ Kernel HOWTO Hή֤߭l{Xؿ̪
     README ɮ

    o̬OAnsĶihﶵ:

     UCﶵn^ YES:











































____________________

11.<URL:http://ipmasq.home.ml.org/>







Linux IP Masquerade mini HOWTO Ķ					      8



	    * Prompt for development and/or incomplete code/drivers
	      CONFIG_EXPERIMENTAL
	      - oNAܧʪ IP Masquerade {XsĶ֤߸̥h

	    * Enable loadable module support
	      CONFIG_MODULES
	      - AJҲ

	    * Networking support
	      CONFIG_NET

	    * Network firewalls
	      CONFIG_FIREWALL

	    * TCP/IP networking
	      CONFIG_INET

	    * IP: forwarding/gatewaying
	      CONFIG_IP_FORWARD

	    * IP: firewalling
	      CONFIG_IP_FIREWALL

	    * IP: masquerading (EXPERIMENTAL)
	      CONFIG_IP_MASQUERADE
	      - oMOʪAoO ** 

	    * IP: ipautofw masquerade support (EXPERIMENTAL)
	      CONFIG_IP_MASQUERADE_IPAUTOFW
	      - ĳϥ

	    * IP: ICMP masquerading
	      CONFIG_IP_MASQUERADE_ICMP
	      - 䴩 ICMP ʥ]ˡAi

	    * IP: always defragment
	      CONFIG_IP_ALWAYS_DEFRAG
	      - ׫ĳϥ

	    * Dummy net driver support
	      CONFIG_DUMMY
	      - ĳϥ

     `N: oǥuO IP Masquerade
     һݭnAAٻݿܨ䥦A]wݭnﶵD

    sĶ֤ߤAAӽsĶæw˼Ҳ:

	  make modules modules_install



    MAӦb /etc/rc.d/rc.local
     (ΥA{XAɮ)̥[WXHKCҰʮɦ۰ʸJ








Linux IP Masquerade mini HOWTO Ķ					      9



     /lib/modules/2.0.x/ipv4/ ̩һݪҲ:

		  .
		  .
		  .
	  /sbin/depmod -a
	  /sbin/modprobe ip_masq_ftp
	  /sbin/modprobe ip_masq_raudio
	  /sbin/modprobe ip_masq_irc
	  (HΨ䥦O ip_masq_cuseeme, ip_masq_vdolive ҲաApGA[WA׸)
		  .
		  .
		  .


`N: A]iHbϥ ip_masq  eʦaJAOnϥ kerneld
ӸJAoO檺!

3.2  wpκ IP }

]Ҧ䥦Sw}AӥT覡Ӥt}oǾD

` IP Masquerade FAQ:

 RFC (#1597) OSP~ɳsuӨϥΤ IP
}DTӼƦr϶OSOoӥتӫOdD䤤@ӧڨϥΪO 192.168.1.n 
192.168.255.n  255 Class-C lD

     ` RFC 1597:

     ĤT`: pΦ}Ŷ

	   ں}w(IANA: Internet Assigned Numbers Authority)
	   wgOdUCTӰ϶ IP }Ŷpκ:

			  10.0.0.0	  -   10.255.255.255
			  172.16.0.0	  -   172.31.255.255
			  192.168.0.0	  -   192.168.255.255

	   ڭ̱NٲĤ@Ӱ϶ "24줸϶"AĤGӬ "20줸϶"A
	   ӲĤTӫh٬ "16줸϶"D`NĤ@Ӱ϶NuO
	   class A  XAĤGӰ϶hOs 16  class B 
	   XAӲĤTӰ϶O@ 255  ӳs class C XD


ҥHApGAnϥΤ@ class C	ܡAAӥH 192.168.1.1,
192.168.1.2, 192.168.1.3, ..., 192.168.1.x ӦWD

192.168.1.1 q`OhDoxAbYAsWں Linux DD`N
192.168.1.0 H 192.168.1.255
OHμs}AOOdDקKbAWϥγoǦ}D











Linux IP Masquerade mini HOWTO Ķ					     10



3.3  tm䥦

FCx]wA IP
}~AA]ӳ]wAhDD@뻡ӡAoOD`FDAu²aJ
Linux D}(q`O 192.168.1.1)@hD}D

W٪AȡAAiH[J DNS  tΡD̥i઺ӬOA Linux
ϥΪ@ӡDA]iHܩʦa[Wr(domain suffix) D

bAstmo IP }AOosҰʾAAȩάOs}D

UtmdҰ]AϥΤ@ Class C  åBH 192.168.1.1 @ Linux
D}DЪ`N 192.168.1.0	 192.168.1.255 OOdD

3.3.1  tm Windows 95

  1.  pGA٨Sw˺dHάɭXʵ{A{bD

  2.   'x/' ̥hD

  3.  pGAtm̨S 'TCP/IP  w' h[ihD

  4.  b'TCP/IP  e'A'IP  }'åB IP }]w
      192.168.1.x,(1<x<255) AåBlBn] 255.255.255.0

  5.  b'qTh'[J 192.168.1.x  @AhDD

  6.  b'DNS tm'/'DNS A'U[JA Linux DϥΪ DNS (q`iHb
      /etc/resolv.conf ̧)DAiHܩʦa[JArjMǡD

  7.  nܧ䥦]wADADۤvbD

  8.  bҦܲU'Tw'åBsҰʨtΡD

  9.  պsuAPing A linux D: q'}l/'AJ ping 192.168.1.1

      (ouOϰsuաAA{b٤ ping ~@ɡD)

 10.  AiHb windows	ؿUܩʦaإߤ@ HOSTS
      ɮסApAiHϥΰϰ̪W١Db windows  ؿ̦Ӻ٬
      HOSTS.SAM dҡD

3.3.2  tm Windos for Workgroup 3.11

  1.  pGA٨Sw˺dHάɭXʵ{A{bD

  2.  pGA٥w TCP/IP 32b M󪺸ܴN˧aD

  3.  b 'Main'/'Windows Setup'/'Network Setup', U 'Drivers'D

  4.  N 'Network Drivers' ̪ 'Microsoft TCP/IP-32 3.11b' ϥաAU
      'Setup'D










Linux IP Masquerade mini HOWTO Ķ					     11



  5.  ]w IP } 192.168.1.x (1 < x < 255), M]w Subnet Mask 
      255.255.255.0 H Default Gateway  192.168.1.1D

  6.  n} 'Automatic DHCP Configuration' æb 'WINS Server'
      JFADAb@ Windows NT 줤ӥBADAbD

  7.  U 'DNS', Jb 3.3.1 p`BJ쪺TAMbAU 'OK'
      sD

  8.  U 'Advanced', pGAϥ 3.3.1 p`BJQDɮסAĿ
      'Enable DNS for Windows Name Resolution'  'Enable LMHOSTS lookup'D

  9.  bҦܲ 'OK' ísҰʨtΡD

 10.  Ping @UA Linux DHպs: b 'File/Run' J: ping
      192.168.1.1

      (ouLOϰsաAA٤ ping ~@)D

3.3.3  Configuring Windows NT

  1.  pGA٨Sw˺dHάɭXʵ{A{bD

  2.   'Main'/'Control Panel'/'Network'D

  3.  pGA٨S TCP/IP AȪܱq 'Add Software' 椤[J TCP/IP
      wάD

  4.  b 'Network Software and Adapter Cards' ̱N 'Installed Network Software'
      ܲ 'TCP/IP w' ϥաD

  5.  b 'TCP/IP Configuration'AܾAɭXʵ{AҦpA[1]Novell NE2000
      AdapterDM]w IP } 192.168.1.x (1 < x < 255)AM]w Subnet
      Mask  255.255.255.0 H Default Gateway  192.168.1.1D

  6.  n} 'Automatic DHCP Configuration' æb 'WINS Server'
      JFADAb@ Windows NT 줤ӥBADAbD

  7.  U 'DNS', Jb 3.3.1 p`BJ쪺TAMbAU 'OK'
      sD

  8.  U 'Advanced', pGAϥ 3.3.1 p`BJQDɮסAĿ
      'Enable DNS for Windows Name Resolution'  'Enable LMHOSTS lookup'D

  9.  bҦܲ 'OK' ísҰʨtΡD

 10.  Ping @UA Linux DHպs: b 'File/Run' J: ping
      192.168.1.1

      (ouLOϰsաAA٤ ping ~@)D

3.3.4  tm UNIX tCt










Linux IP Masquerade mini HOWTO Ķ					     12



  1.  pGA٥w˧AdåHAɭXʵ{ssĶA֤ߡA{bNaD

  2.  w TCP/IP AO nettools MApGA٨S˪ܡD

  3.  N IPADDR ] 192.168.1.x (1 < x < 255), MN NETMASK ]
      255.255.255.0, GATEWAY ] 192.168.1.1, H BROADCAST ]
      192.168.1.255D

      ҦpAb Red Hat Linux tΤWAiHs /etc/sysconfig/network-
      scripts/ifcfg-eth0AΪq Control Panel ̰D

      (b SunOS, BSDi, Slackware Linux, ۦP...)

  4.  NAW٦AλjMr[ /etc/resolv.confD

  5.  ̾ڧA]wAinsA /etc/networks ɮסD

  6.  sҰʾAAȡA²檺s}D

  7.  oX ping O: ping 192.168.1.1 HըA gateway sʡD

      (ouLOϰsաAA٤ ping ~@)D

3.3.5  tmϥ NCSA Telnet M DOS 

  1.  pGA٨Sw˺dA{bD

  2.  JAʥ]Xʵ{D NE2000 dӻApGAd]w IRQ 10
      εw} 0x300A nwpd 0x60 10 0x300D

  3.  إߤ@sؿAMѶ} NCSA Telnet M: pkunzip tel2308b.zip

  4.  ϥΤrs边} config.tel ɮסD

  5.  ]w myip=192.168.1.x (1 < x < 255), H netmask=255.255.255.0D

  6.  bҤlAAӳ]w hardware=packet, interrupt=10, ioaddr=60D

  7.  Aܤ֭n@W]w gatewayA]NO Linux D:

	   name=default
	   host=yourlinuxhostname
	   hostip=192.168.1.1
	   gateway=1



  8.  ٭nt~@ӫwW٪A:

	   name=dns.domain.com ; hostip=123.123.123.123; nameserver=1


      `N: ΧA Linux DϥΪ DNS ATӨND









Linux IP Masquerade mini HOWTO Ķ					     13



  9.  xsA config.tel ɮסD

 10.  Telnet A Linux DHպs: telnet 192.168.1.1

3.3.6  tm MacTCP  MacOS 

  1.  pGA٨SAAӺ౵w˾AXʵ{A̦n{bN@D


  2.  } MacTCP control panelAܾAXʵ{(Ethernet, ӫD
      EtherTalk) ëU 'More...' sD

  3.  b 'Obtain Address:',  'Manually'D

  4.  b 'IP Address:' UAquX椤 class CDܲ䥦D

  5.  b 'Domain Name Server Information:' JATD

  6.  b 'Gateway Address:' AJ 192.168.1.1D

  7.  U 'OK' Hxs]wDb MacTCP control panel DAb 'IP
      Address:' JA Mac  IP } (192.168.1.x, 1 < x < 255)D

  8.   MacTCP control panel. pGuXAs}ANaD

  9.  AiH ping @UA Linux DӨӴպsuDpGA MacTCP Watcher
      KO{AU 'Ping' sAMbuXܲJA Linux
      Da}(192.168.1.1)D(ouLOϰsաAA٤ ping
      ~@ɡD)

 10.  Aiܩʦab System Folder إߤ@ Hosts
      ɮץHKAiHϥΧAϰ̾DW١DoɮץiwgsbA
      System Folder
      ̡AӥBӷ|]t@(ѱ)dҶئӧAiHھڧAݭnӭקD

3.3.7  tm Open Transport  MacOS t

  1.  pGA٨SAAӺ౵w˾AXʵ{A̦n{bN@D

  2.  } TCP/IP Control Panel Mq Edit 椤 'User Mode
      ...'DTwϥΪ̼Ҧܤ֬O 'Advanced' MU 'OK' sD

  3.  q File 椤 'Configurations...'D 'Default' tmëU 'Dupli
      cate...' sDb 'Duplicate Configuration' ܲJ 'IP Masq'
      (άO䥦ADoOӯStmr)Ai|O 'Deafault copy'
      򪺡DMU 'OK' sAH 'Make Active' sD

  4.  q 'Connect via:' uX椤 'Ethernet'D

  5.  q 'Configure:'
      uXܾAءDpGADӿ擄AAiӭsܧA
      'Default' tmM}DڥΪO 'Manually'D










Linux IP Masquerade mini HOWTO Ķ					     14



  6.  b 'IP Address:' JA Mac  IP } (192.168.1.x, 1 < x < 255)D

  7.  b 'Subnet mask:' J 255.255.255.0D

  8.  b 'Router address:' J 192.168.1.1 D

  9.  b 'Name server addr.:' JAW٦A IP }D

 10.  b 'Implicit Search Path:' ̪ 'Starting domain name'
      JAںW(Ҧp 'microsoft.com')D

 11.  UӪBJOܩʪDTȥiɭPY~欰DpGATwA̦ndUťաAnĿDpGݭnܡAh줤TDNڥثeҪSkb
      TCP/IP ܵiDtΤnϥΥHeLt@ "Hosts"
      ɮסDpGADܡAګܦFѡDpGAݭn 802.3 ج[ܤĿ
      '802.3'D

 12.  U 'Options...' HTw TCP/IP @ΡDڨϥ 'Load only when needed'
      ﶵDpGAõ TCP/IP
      ε{\hӥsҰʧAAANo{ 'Load only when needed'
      |/CAO޲zįD惡رN TCP/IP
      w`OQJKϥΡDpGĿFATCP/IP
      w|۰ʦbݭnɸJæbݭnDJP񪺹L{iϧAOܪHD

 13.  AiH ping @UA Linux DӨӴպsuDpGA MacTCP Watcher
      KO{AU 'Ping' sAMbuXܲJA Linux
      Da}(192.168.1.1)D(ouLOϰsաAA٤ ping
      ~@ɡD)

 14.  AiHb System Folder إߤ@ Hosts
      ɮץHKAiHϥΧAϰ̾DW١Doɮץiwg٥sbA
      System Folder
      ̡DpGܡAӷ|]t@(ѱ)dҶئӧAiHھڧAݭnӭקDpG٨SܡAAiHq@bB@
      MacTCP tΤ^AΦۤvؤ@(` Unix  /etc/hosts ɮ׮榡Ab
      RFC 1035  33 yz)D@AإߤFoɮסA} TCP/IP control
      panelAU 'Select Hosts File...' sAMᥴ} Hosts ɮסD

 15.  ܲαq File 椤 'Close'  'Quit' MU 'Save'
      HxsAҰܡD

 16.  oǧܷ|ߨͮġAs}]L`D

3.3.8  tmϥ DNS  Novell 

  1.  pGA٨SAAӺ౵w˾AXʵ{A̦n{bN@D

  2.  q <URL:ftp.novell.com/pub/updates/unixconn/lwp5> ^ tcpip16.exeD

  3.

	   s c:\nwclient\startnet.bat

      : (here is a copy of mine)










Linux IP Masquerade mini HOWTO Ķ					     15



	   SET NWLANGUAGE=ENGLISH
	   LH LSL.COM
	   LH KTC2000.COM
	   LH IPXODI.COM
	   LH tcpip
	   LH VLM.EXE
	   F:



  4.

	   s c:\nwclient\net.cfg

      : (NXʵ{אּAA i.e. NE2000)

	   Link Driver KTC2000
		   Protocol IPX 0 ETHERNET_802.3
		   Frame ETHERNET_802.3
		   Frame Ethernet_II
		   FRAME Ethernet_802.2

	   NetWare DOS Requester
		      FIRST NETWORK DRIVE = F
		      USE DEFAULTS = OFF
		      VLM = CONN.VLM
		      VLM = IPXNCP.VLM
		      VLM = TRAN.VLM
		      VLM = SECURITY.VLM
		      VLM = NDS.VLM
		      VLM = BIND.VLM
		      VLM = NWP.VLM
		      VLM = FIO.VLM
		      VLM = GENERAL.VLM
		      VLM = REDIR.VLM
		      VLM = PRINT.VLM
		      VLM = NETX.VLM

	   Link Support
		   Buffers 8 1500
		   MemPool 4096

	   Protocol TCPIP
		   PATH SCRIPT	   C:\NET\SCRIPT
		   PATH PROFILE    C:\NET\PROFILE
		   PATH LWP_CFG    C:\NET\HSTACC
		   PATH TCP_CFG    C:\NET\TCP
		   ip_address	   xxx.xxx.xxx.xxx
		   ip_router	   xxx.xxx.xxx.xxx



  5.  ̫إ









Linux IP Masquerade mini HOWTO Ķ					     16



	   c:\bin\resolv.cfg

      :

	   SEARCH DNS HOSTS SEQUENTIAL
	   NAMESERVER 207.103.0.2
	   NAMESERVER 207.103.11.9



  6.  ڧƱoǬYǨϥ Novell HUD٦Ao Netware 3.1x  4.x
      ΡD

3.3.9  tm OS/2 Warp

  1.  pGA٨SAAӺ౵w˾AXʵ{A̦n{bN@D

  2.  pGA٨S TCP/IP qTwܲ{bNˡD

  3.  } Programms/TCP/IP (LAN) / TCP/IP ]w

  4.  b 'Network' [WA TCP/IP }ó]wA netmask (255.255.255.0)

  5.  b 'Routing' U 'Add'. N Type ]w 'default' æb 'Router
      Address' 줤JA Linux D IP } (192.168.1.1).

  6.  N 'Hosts' ]wPA Linux DϥάۦP DNS (W٦A)}D

  7.   TCP/IP xDbUӪD^ yes.

  8.  sҰʧAt

  9.  AiH ping A Linux DHպtmDb 'OS/2 RO' WJ
      'ping 192.168.1.1'. pG ping ʥ]@NSDD

3.3.10	tm䥦t

ӫӬۦPzרӫإߡDd\Wzp`DpGAg䥦@~tΪtmAаeԲӪإ߫ܨ
ambrose@writeme.com.

3.4  tm IP e(Forwarding)覡

ثeAAӤwgw˦n֤ߥHΨ䥦ݭnMA]JFAҲաDPɡA䥦
IP }AhDAHΡ@DNS ]ӥ]wD

{bAߤ@ѤUnƬOϥ ipfwadm eAʥ]A:

     **
     oiHγ\hP覡ӹFDUCĳPҤlڨӻΡAAi঳PDNAԸ`аѦ
     4.4 ` ipfwadm uWUD **

     ipfwadm -F -p deny
     ipfwadm -F -a m -S yyy.yyy.yyy.yyy/x -D 0.0.0.0/0









Linux IP Masquerade mini HOWTO Ķ					     17



䤤 x	AlөwAUCƦr@A yyy.yyy.yyy.yyy hOA}D

     netmask	     | x  | Subnet
     ~~~~~~~~~~~~~~~~|~~~~|~~~~~~~~~~~~~~~
     255.0.0.0	     | 8  | Class A
     255.255.0.0     | 16 | Class B
     255.255.255.0   | 24 | Class C
     255.255.255.255 | 32 | Point-to-point

ҦpApGڬOb@ class C lWAڱoJ:

     ipfwadm -F -p deny
     ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0

] bootp  ШDʥ]SXk IP's
AȤݨäD}Ab/W bootp AHb deny
eUCO:

     ipfwadm -I -a accept -S 0/0 68 -D 0/0 67 -W bootp_clients_net_if_name -P udp

A]iHOCx]wDҦpApGڷQ 192.168.1.2  192.168.1.8
sںA\䥦ϥΪܡAڱoJ:

     ipfwadm -F -p deny
     ipfwadm -F -a m -S 192.168.1.2/32 -D 0.0.0.0/0
     ipfwadm -F -a m -S 192.168.1.8/32 -D 0.0.0.0/0

t~AAiHJBnHNӭȡAҦp 192.168.1.0/255.255.255.0

`~Oo˪Ĥ@O

     ipfwadm -F -p masquerade


nAw]覡(policy)w(masquerading) 
_hiHޱL̪e|(routing) HNL(tun
nel)AhDAH˥L̪!

A@AAiHoǥ[J /etc/rc.local ɮסA@ӧAw rc
ɮסAάObCAݭn IP Masquerade ɤʰ椧D

о\Ū 4.4  ` Ipfwadm ԲӫޡD

3.5   IP Masquerade

boǤu@A{bOոլݪɭԤFDTwA Linux
DںsuOqD

AiHb䥦Wյs@'ں!!!'
WAݬO_ਣDګĳĤ@ծɨϥ IP
}ӤnΥDW١A]A DNS  ]wiäTD

ҦpAAiHϥ http://152.2.254.81/mdw/linux.html Ӧs Linux pe
http://sunsite.unc.edu/mdw/linux.htmlD








Linux IP Masquerade mini HOWTO Ķ					     18



pGAݨ}G|(Ķ`: LDP nS|? :P)A򮥳! iHB@F!
ۧAiHϥΥDWٸոլݡAMO telnet, ftp, RealAudio, True
SpeechAHΥ IP Masquerade 䴩FD

ثeA٤bW]wWo͹LDAӨǪUɶoӵ\B@HPNoǳ]wD


4.  䥦 IP Masquerade Dγn䴩

4.1  IP Masquerade D

YǨw{bLktX masquerading
ϥΡA]̤O]𸹪@ǨƱANOb}ΰ𸹪Ƭy̽sX 
᭱oǨwݭnb masquerading {X̫إ߯SwNz{ϥ̯B@D

4.2  iJtΪA(incoming services)

Masquerading Bz~ɪAȽШD (incoming services)D
u֤kह\̡AoP masquerading
LAӥBbOзǪ覡D

pGAänDתwʨAiH²a(redirect)oǰD
XؤPkiHo  ڨϥΤ@קL redir
{(ڧƱo{ܧִNq sunsite  Ψ mirrors o)D
pGAƱ~ɶiJtΪAȽШDYص{ת{(authorisation)
AiHb redir h(0.7 or above) ϥ TCP wrappers άO Xinetd
Ӥ\Sw IP }qLAΨϥΨ䥦uDTIS
u㶰OMuθTnaD

hԸ`ib IP Masquerade Resource12  D

4.3  w䴩ȤݳnHΨ䥦]w譱`Nƶ

     ** UCNAQ@FDig Linux IP masquerading
     B@ε{аѦҳo13  M IP Masquerade Resource14
     Hoi@BӸ`D **

@뻡ӡAϥζǿ鱱w(TCP) άOϥΪ̩wqƨw
(UDP)ε{ӳB@D pGAε{P IP Masquerade
ۮeĳAܩΰDAЫX Lee Nevo @ iP Linux IP masquerading
B@ε{15  D

4.3.1  iHϥΪȤݳn

@Ȥݳn

____________________

12.<URL:http://ipmasq.home.ml.org>

13.<URL:http://masqapps.home.ml.org>

14.<URL:http://ipmasq.home.ml.org/>

15.<URL:http://masqapps.home.ml.org>







Linux IP Masquerade mini HOWTO Ķ					     19



      HTTP
	    Ҧ䴩OAs

      POP & SMTP
	    Ҧ䴩OAqlln

      Telnet
	    Ҧ䴩OAñJ@~

      FTP
	    Ҧ䴩OAtX ip_masq_ftp.o
	    Ҳ(OҦxtXUثȤݳnFҦpYǤϥ ws_ftp32
	    ĲΪOoϥ netscape iJ)

      Archie
	    Ҧ䴩OAɮ׷jMn(ëDҦ archie Ȥݳn鳣䴩)

      NNTP (USENET)
	    Ҧ䴩OAsDn

      VRML
	    Windows (iҦ䴩OiH)As

      traceroute
	    DnO UNIX tCOAYܺإiLkB@

      ping
	    ҦOAtX ICMP ׸

      anything based on IRC
	    Ҧ䴩OAtX ip_masq_irc.o Ҳ

      Gopher client
	    Ҧ䴩O

      WAIS client
	    Ҧ䴩O

hCȤݳn

      Real Audio Player
	    Windows, ƬyTAtXJ ip_masq_raudio Ҳ

      True Speech Player 1.1b
	    Windows, ƬyT

      Internet Wave Player
	    Windows, ƬyT

      Worlds Chat 0.9a
	    Windows, ȤЦAݥ(3D chat) {

      Alpha Worlds
	    Windows, Windows, ȤЦAݥ(3D chat) {








Linux IP Masquerade mini HOWTO Ķ					     20



      Powwow
	    Windows,
	    IIrnժOqTApGAIsOHAH̥iHPA͡AOL̤IsAD

      CU-SeeMe
	    Ҧ䴩OAtXJ cuseeme	ҲաAԲӲӸ`а \ IP Mas
	    querade Resource16

      VDOLive
	    Windows, tX vdolive  ׸

`N: YϤOѧAIsOHAϥ ipautofw MYǫȤݳn鹳O IPhone H
Powwow i٬OiHB@(Ѿ\ 4.6  `)

䥦Ȥݳn

      NCSA Telnet 2.3.08
	    DOS, ]t telnet, ftp, ping  @ծMD

      PC-anywhere for windows 2.0
	    MS-Windows, g TCP/IP ݻ PC
	    Aub@ȤݦӫDDݪΤU~B@

      Socket Watch
	    ϥ ntp  ɶw

      Linux net-acct package
	    Linux, b޲zM

4.3.2  LkϥΪȤݳn



      Intel Internet Phone Beta 2
	    iHsWnuV(~)ǰe

      Intel Streaming Media Viewer Beta 1
	    LksWA

      Netscape CoolTalk
	    Lks

      talk,ntalk
	    oN|B@  ݭng@֤ߥNz{D

      WebPhone
	    ثeLkB@(FXk}])D

      X
	    SչLAڷQDHإߤ@M X
	    Nz{_hLkB@AoiO masquerading

____________________

16.<URL:http://ipmasq.home.ml.org/>







Linux IP Masquerade mini HOWTO Ķ					     21



	    {X~@ӥ~{D@B@覡Oϥ ssh
	    @쵲åBϥΨ䤺 X Nz\Ӱ!

4.3.3  wչLiH@䥦O/@~t



    Linux

    Solaris

    Windows 95

    Windows NT (both workstation and server)

    Windows For Workgroup 3.11 (with TCP/IP package)

    Windows 3.1 (with Chameleon package)

    Novel 4.01 Server

    OS/2 (including Warp v3)

    Macintosh OS (with MacTCP or Open Transport)

    DOS (with NCSA Telnet package, DOS Trumpet works partially)

    Amiga (with AmiTCP or AS225-stack)

    VAX Stations 3520 and 3100 with UCX (TCP/IP stack for VMS)

    Alpha/AXP with Linux/Redhat

    SCO Openserver (v3.2.4.2 and 5)

    IBM RS/6000 running AIX

    (ٴչL䥦O?)

4.4  IP Firewall Administration (ipfwadm)

o@` ipfwadm	`JϥΫޡD

oO@ӵbTw PPP } PPP
su᭱/˨tΨϥΪ]wDH(trusted) ɭ 192.168.255.1, PPP
ɭwgקLHקKǿ :) DڤOCXC@ӶiJ(incoming)HΰeX(outgo
ing)ɭӧXܧ󻼰e|(stuffed routing) H/άO(masquerad
ing)oǭ IP spoofing ޥDPɥST\F賣OT!














Linux IP Masquerade mini HOWTO Ķ					     22



     #!/bin/sh
     #
     # /etc/rc.d/rc.firewall,  wqtmAq rc.local D
     #

     PATH=/sbin:/bin:/usr/sbin:/usr/bin

     # եΡAݤ@qɶMMҦWhD
     # pGAƱ樾Q۰NUCX檺ѡD
     # (sleep 600; \
     # ipfwadm -I -f; \
     # ipfwadm -I -p accept; \
     # ipfwadm -O -f; \
     # ipfwadm -O -p accept; \
     # ipfwadm -F -f; \
     # ipfwadm -F -p accept; \
     # ) &

     # iJ˹hD]wAsHγ]wڵ(policy)DƹW
     # w]SYA]NƱڵHΰOҦWh
     ipfwadm -I -f
     ipfwadm -I -p deny
     # ˹hDa(local) ɭAϰ̪A\s
     # a
     ipfwadm -I -a accept -V 192.168.255.1 -S 192.168.0.0/16 -D 0.0.0.0/0
     # ˹hD(remote)ɭAn٬Oϰ̪AIP spoofing
     # ڵ
     ipfwadm -I -a deny -V your.static.PPP.address -S 192.168.0.0/16 -D 0.0.0.0/0 -o
     # ˹hDݬɭAӷA\eTw (permanent) PPP
     # }
     ipfwadm -I -a accept -V your.static.PPP.address -S 0.0.0.0/0 -D your.static.PPP.address/32
     # ^(loopback)ɭO\
     ipfwadm -I -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0
     # ҦWhA䥦iJ覡|QڵðODiS
     # OΪﶵoiHN
     ipfwadm -I -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o

     # eX˹hD]wAsHγ]wڵ(policy)DƹW
     # w]SYA]NƱڵHΰOҦWh
     ipfwadm -O -f
     ipfwadm -O -p deny
     # aɭA\ӷeXܰϰ
     ipfwadm -O -a accept -V 192.168.255.1 -S 0.0.0.0/0 -D 192.168.0.0/16
     # ݬɭeXܰϰAstuffed routing Aڵ
     ipfwadm -O -a deny -V your.static.PPP.address -S 0.0.0.0/0 -D 192.168.0.0/16 -o
     # ϰqݬɭeXAstuffed masqueradingAڵ
     ipfwadm -O -a deny -V your.static.PPP.address -S 192.168.0.0/16 -D 0.0.0.0/0 -o
     # ϰqݬɭeXAstuffed masqueradingAڵ
     ipfwadm -O -a deny -V your.static.PPP.address -S 0.0.0.0/0 -D 192.168.0.0/16 -o
     # 䥦ݬɭeXF賣O\
     ipfwadm -O -a accept -V your.static.PPP.address -S your.static.PPP.address/32 -D 0.0.0.0/0
     # ^(loopback)ɭO\
     ipfwadm -O -a accept -V 127.0.0.1 -S 0.0.0.0/0 -D 0.0.0.0/0
     # ҦWhA䥦eX覡|QڵðODiS








Linux IP Masquerade mini HOWTO Ķ					     23



     # OΪﶵoiHN
     ipfwadm -O -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o

     # ˹hDe]wAsHγ]wڵ(policy)DƹW
     # w]SYA]NƱڵHΰOҦWh
     ipfwadm -F -f
     ipfwadm -F -p deny
     # ˰ϰqaɭeXܥa誺
     ipfwadm -F -a masquerade -W ppp0 -S 192.168.0.0/16 -D 0.0.0.0/0
     # ҦWhA䥦e覡|QڵðODiS
     # OΪﶵoiHN
     ipfwadm -F -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -o

AiHϥ -I, -O άO -F
ӱYSw`IyqDOooǳWhOѤWUy -a
N"[(append)"ثe{WhҥH󭭨b(global)WheX{DҦp(SչL)
:-

ϥ -I
WhDiOt׳̧֪Ouϰ̪A𥻨MiHs"T"`IDMAiQ\o˪զXD

     ... start of -I rules ...
     # ڵðOaɭAϰ̪q 204.50.10.13
     ipfwadm -I -a reject -V 192.168.255.1 -S 192.168.0.0/16 -D 204.50.10.13/32 -o
     # aɭAϰ̪A\qa
     ipfwadm -I -a accept -V 192.168.255.1 -S 192.168.0.0/16 -D 0.0.0.0/0
     ... end of -I rules ...

ϥ -O WhD̺CA]ʥ]gL˦oӳWhsT`ID

     ... start of -O rules ...
     # ڵðOeX 204.50.10.13 
     ipfwadm -O -a reject -V your.static.PPP.address -S your.static.PPP.address/32 -D 204.50.10.13/32 -o
     # \䥦ݬɭeXF
     ipfwadm -O -a accept -V your.static.PPP.address -S your.static.PPP.address/32 -D 0.0.0.0/0
     ... end of -O rules ...

ϥ -F WhDi -I
CӳoMu˪(Ҧp)A𤴵MiHoT`ID

     ... start of -F rules ...
     # ڵðO PPP  ɭeXqϰ 204.50.10.13 ơD
     ipfwadm -F -a reject -W ppp0 -S 192.168.0.0/16 -D 204.50.10.13/32 -o
     # ˥aɭqϰeXܥa誺ơD
     ipfwadm -F -a masquerade -W ppp0 -S 192.168.0.0/16 -D 0.0.0.0/0
     ... end of -F rules ...

ݭnӯSwWhӤ\ 192.168.0.0/16 q 204.50.11.0,
o[\WhD

@إHWkiHɭ]wWzWhDҦpiHϥ -W eth0 ӨN -V
192.168.255.1AiHϥ -W ppp0  ӨN -V
your.static.PPP.addressDӤH̭ܳnD









Linux IP Masquerade mini HOWTO Ķ					     24



4.5  IP Masquerade HλݨD(Demand-Dial-Up)

  1.  pGAQ]w۰ʼWںA  diald demand
      MN|OܴΪuD

  2.  n]w diald, Ьd Setting Up Diald for Linux Page17  

  3.  @ diald H IP masq  ]wAAiHbȤݾWҰ web, tel
      net  άO ftp suD

  4.  Diald N|iJtΪШDAMἷA ISP ëإ߳suD

  5.  Ĥ@suN|o͹O(timeout)
      ΡDpGAϥ񦡪ƾھoOLiקKD إ߼ƾھsH PPP
      suҪOɶN|ϧAȤݳn餣@D pGAϥ ISDN
      suoOiHקKDAouOȤݳn{檺{ǦAsҰʧYiD

4.6  IPautofw ʥ]e{

IPautofw18  O@ӵ Linux masquerading ϥΪ@ TCP  UDP
e{D@ϥλݭn UDP  M󪺮ɭԡAݭnJSw ip_masq
ҲաFip_masq_raudio, ip_masq_cuseeme,... Ipautofw
H@ƪ覡B@AN|e]toε{SwҲճ|eƬyADpGSTa޲zoiywW|}D


5.  䥦

5.1  DU

     ** Фnհeqll󵹧ڰ IP Masquerade
     DD]ӤHu@tAڵLkOҦ^ЩҦD website DD
     бNADe IP Masquerade mailing list19
     (ڷQoǪΪDUӷ)DoIܩpAڤQAXӬP~^HD
     **

    IP Masquerade Resource page20  ӦT]w IP MasqueradeD

    [J IP masquerade  lC(ĳ)

     nq\ܡAHʼD "subscribe" (]t޸)l masq-
     request@indyramp.com

     nq\ܡAHʼD "unsubscribe" (]t޸)l masq-
     request@indyramp.com


____________________

17.<URL:http://home.pacific.net.sg/~harish/diald.config.html>

18.<URL:ftp://ftp.netis.com/pub/members/rlynch/ipautofw.tar.gz>

19.<URL:http://ipmasq.home.ml.org/index.html#mailinglist>

20.<URL:http://ipmasq.home.ml.org/>







Linux IP Masquerade mini HOWTO Ķ					     25



     noϥγoӶlCUܡAHʼD "archive help" 
     "archive dir" (]t޸)l masq-request@indyramp.com

    IP masquerade lCɮ21  ]tҦLheoӶlCTC

     Linux IP Masquerade mini HOWTO22  for kernel 2.x (pGAϥ 1.3.x
     or 2.x ֤)

    IP Masquerade HOWTO for kernel 1.2.x23  pGAϥΤª֤

    IP masquerade FAQ24  Ǥ@ʪT

    X/OS Ipfwadm page25  ]t ipfwadm
     M󪺭l{XAɡAAHΨ䥦T

     Lee Nevo Һ@ iP Linux IP masquerading B@ε{26
     ѴܻPޥϱoε{P IP Masquerade B@D

    LDP Network Administrator's Guide27  oOsճ]wnT

    Linux NET-2 HOWTO28  ]\h Linux  譱ΪT

    Linux ISP Hookup HOWTO29  H Linux PPP HOWTO30  Ap Linux
     DsWںT

    Linux Ethernet-Howto31  ]wAӺϰܴΪTӷ

    A]i Linux Firewalling and Proxy Server HOWTO32  


____________________

21.<URL:http://www.indyramp.com/masq/list/>

22.<URL:http://ipmasq.home.ml.org/ipmasq-HOWTO.html>

23.<URL:http://ipmasq.home.ml.org/ipmasq-HOWTO-1.2.x.txt>

24.<URL:http://www.indyramp.com/masq/ip_masquerade.txt>

25.<URL:http://www.xos.nl/linux/ipfwadm/>

26.<URL:http://masqapps.home.ml.org>

27.<URL:http://linuxwww.db.erau.edu/NAG/>

28.<URL:http://www.caldera.com/LDP/HOWTO/NET-2-HOWTO.html>

29.<URL:http://www.caldera.com/LDP/HOWTO/ISP-Hookup-HOWTO.html>

30.<URL:http://www.caldera.com/LDP/HOWTO/PPP-HOWTO.html>

31.<URL:http://www.caldera.com/LDP/HOWTO/Ethernet-HOWTO.html>

32.<URL:http://www.caldera.com/LDP/HOWTO/Firewall-HOWTO.html>







Linux IP Masquerade mini HOWTO Ķ					     26



    Linux Kernel HOWTO33  N|ާAsĶ֤ߪL{

    䥦 Linux HOWTOs34  O	Kernel HOWTO

    iKo USENET sDs: comp.os.linux.networking

5.2  P

     Gabriel Beitler, gbeitler@aciscorp.com

      on providing section 3.3.8 (setting up Novel)

    Ed Doolittle, dolittle@math.toronto.edu

     on suggestion to -V option in ipfwadm command for improved security

    Matthew Driver, mdriver@cfmeu.asn.au

     on helping extensively on this HOWTO, and providing section 3.3.1 (setting
     up Windows 95)

    Ken Eves, ken@eves.com

     on the FAQ that provides invaluable information for this HOWTO

    Ed. Lott, edlott@neosoft.com

     for a long list of tested system and software

    Nigel Metheringham, Nigel.Metheringham@theplanet.net

     on contributing his version of IP Packet Filtering and IP Masquerading
     HOWTO, which make this HOWTO a better and technical in-depth document

     section 4.1, 4.2, and others

    Keith Owens, kaos@ocs.com.au

     on providing an excellent guide on ipfwadm section 4.2

     on correction to ipfwadm -deny option which avoids a security hole, and
     clarified the status of ping over IP Masquerade

    Rob Pelkey, rpelkey@abacus.bates.edu

     on providing section 3.3.6 and 3.3.7 (setting up MacTCP and Open Trans
     port)



____________________

33.<URL:../Kernel-HOWTO.html>

34.<URL:http://www.caldera.com/LDP/HOWTO/HOWTO-INDEX-3.html>







Linux IP Masquerade mini HOWTO Ķ					     27



    Harish Pillay, h.pillay@ieee.org

     on providing section 4.5 (dial-on-demand using diald)

    Mark Purcell, purcell@rmcs.cranfield.ac.uk

     on providing section 4.6 (IPautofw)

    Ueli Rutishauser, rutish@ibm.net

     on providing section 3.3.9 (setting up OS/2 Warp)

    John B. (Brent) Williams, forerunner@mercury.net

     on providing section 3.3.7 (setting up Open Transport)

    Enrique Pessoa Xavier, enrique@labma.ufrj.br

     on the bootp setup suggestion

    developers of IP Masquerade for this great feature


	      Delian Delchev, delian@wfpa.acad.bg

	      Nigel Metheringham, Nigel.Metheringham@theplanet.net

	      Keith Owens, kaos@ocs.com.au

	      Jeanette Pauline Middelink, middelin@polyware.iaf.nl

	      David A. Ranch, trinity@value.net

	      Miquel van Smoorenburg, miquels@q.cistron.nl

	      Jos Vos, jos@xos.nl

	      ٦䥦ڧѤF(ڪD)



    Ҧe^XΫĳlCWϥΪ̡ASOOǳiW~HΤw䴩P䴩ȤݪD

    pGڨS]AYǨϥΪ̰eڪTڷPpDphĳPQkeڳo̡AڥuOSɶhTwΪ̧ڤpߥFD
     ڥɧڳ̤jVOXҦeڪTo̡DP§AҡAӧڤ]ƱA̸ѧڪpD

5.3  ѦҸ

    Ken Eves  IP masquerade `ݵ

    Indyramp Consulting  IP masquerade lC

    X/OS  Ipfwadm  









Linux IP Masquerade mini HOWTO Ķ					     28



    U Linux HOWTOs





























































Linux IP Masquerade mini HOWTO Ķ					     29





































































				   CONTENTS



1. ² ..................................................................... 1
   1.1 ²  ................................................................ 1
   1.2 eA^X & ѦҸT ................................................ 1
   1.3 v & ŧi .......................................................... 2

2. I ................................................................. 2
   2.1 O IP Masquerade? ................................................ 2
   2.2 {p ................................................................. 3
   2.3 ֥iHq IP Masquerade q? ....................................... 3
   2.4 ֤ݭn IP Masquerade? .............................................. 3
   2.5 IP Masquerade OpB@? .......................................... 3
   2.6 b Linux 2.x  Wϥ IP Masquerade  ݨD ........................... 5

3. IP Masquerade ]w ..................................................... 6
   3.1 sĶ֤ߥ[J IP Masquerade 䴩 .................................... 6
   3.2 wpκ IP } ............................................... 9
   3.3 tm䥦  ....................................................... 10
   3.4 tm IP e(Forwarding)覡 ...................................... 16
   3.5  IP Masquerade .................................................. 17

4. 䥦 IP Masquerade Dγn䴩 ..................................... 18
   4.1 IP Masquerade D ................................................ 18
   4.2 iJtΪA(incoming services) ................................... 18
   4.3 w䴩ȤݳnHΨ䥦]w譱`Nƶ ........................ 18
   4.4 IP Firewall Administration (ipfwadm)  ............................... 21
   4.5 IP Masquerade HλݨD(Demand-Dial-Up) ........................ 24
   4.6 IPautofw ʥ]e{ ............................................... 24

5. 䥦 .................................................................... 24
   5.1 DU ................................................................ 24
   5.2 P ................................................................ 26
   5.3 ѦҸ  ........................................................... 27




















				       i


