[H-GEN] IP Masquerading

Michael Anthon anthonm at tams.com.au
Wed Sep 30 04:06:03 EDT 1998 

Right, this got me curious enough to check.  The kernel bits of the
masquerading CAN'T be built as modules.  You need the support built into
the kernel... here is a snippet from "make menuconfig"...
	[*] Network firewalls
[*] Network aliasing
[*] TCP/IP networking
[*] IP: forwarding/gatewaying
[*] IP: multicasting
[*] IP: syn cookies
[*] IP: firewalling
[*] IP: firewall packet logging
[*] IP: masquerading


This indicates (assuming that menuconfig has it correctly) that these
bits are either in or out, no module support.  
I installed RH5.1 out of the box and stuffed around with settings for
AGES.  I finally bit the bullet and recompiled the kernel and suddenly
(without any changes to my settings or loading of modules) masquerading
started to work.



Regards
Michael Anthon


-----Original Message-----
From: Stephen Thomas [mailto:sthomas at yakko.wtower.com]
Sent: Wednesday, 30 September 1998 5:49
To: general at humbug.org.au
Subject: Re: [H-GEN] IP Masquerading


Well, I was running the standard RedHat 5 kernel for ages, all I did
was install ipfwadm and set up the rules...  so my guess is it's
allready in the kernel.

My reason (others may vary) for liking the modules is so you can
insert them and remove them as needed.  (prolly could be replaced
with, to remove the real audio one cause two different people are
downloading the same stream to see if they can get an echo effect
, I dunno, go fig some people :-) (you know who you are btw ;-)

Stephen Thomas (TheDirector)
sthomas at wtower.com

On Wed, Sep 30, 1998 at 05:05:02PM +1000, Robert Brockway wrote:
> On Tue, 29 Sep 1998, Stephen Thomas wrote:
> 
> > If you want, you should just be able to insert the modules,
though:-)
> 
> The masq modules are 'helper' modules.  IE, masq is still needed in
the
> kernel - the helper modules just allow certain protocols to work
properly
> through a masquerade.
> 
> IMHO the standard helper modules should be able to be compiled into
the
> kernel.
>  
> > On Wed, Sep 30, 1998 at 12:40:21PM +1000, Michael Anthon wrote:
> > > Don't forget that an as shipped RH kernel will NOT support
masquerading.
> > > I seem to recall reading somewhere that it did and spent many
hours
> > > trying to get it to work "out of the box".
> 
> Cheers,
> 	-Robert
> 
> --Robert Brockway B.Sc.  Email: robert at blake.humbug.org.au
>                                 robert at humbug.org.au,
r.brockway at uq.net.au
> 			 WWW:   http://www.humbug.org.au/~robert
> 			 Founder of HUMBUG (http://www.humbug.org.au)
> 
>

More information about the General mailing list