[NTLUG:Discuss] Masquerading in brief, 2.2 ipchains style
Chris Cox
cjcox at acm.org
Sun Aug 15 23:07:43 CDT 1999
Since there is some discussion of masquerading....
As root do:
ipchains -A forward -j MASQ -s 192.168.X.0/24 -d 0.0.0.0/0
echo 1 >/proc/sys/net/ipv4/ip_forward
Replace X with your network identifier for your private net.
e.g. 192.168.4.0
Then I use dhcp for connecting machines up. Below is an example
/etc/dhcpd.conf. It assumes my dialed in machine is
192.168.X.1 and that a named is running on it. However,
as mentioned below, you can point to your ISP's nameserver
safely. The valid addresses I setup span from 3 to 20 as
far as dhcp goes....you can make it whatever valid range
you want.
Make sure the two machines can see each other. You may have
to modify the route tables appropriately. I'd just add
a generic net entry for your 192.168.X.0 network on both
machines. Add a line like:
192.168.X.0 0.0.0.0 255.255.255.0 eth0
To your /etc/route.conf.
# Begin dhcpd.conf
# option definitions common to all supported networks...
# Note: replace domain-name-servers with your ISP's nameserver address
# if your not running a local DNS caching nameserver.
option domain-name "cjcox.org";
option domain-name-servers 192.168.X.1;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.X.0 netmask 255.255.255.0 {
range 192.168.X.3 192.168.X.20;
option broadcast-address 192.168.X.255;
option routers 192.168.X.1;
}
# end dhcpd.conf
More information about the Discuss
mailing list