Re: IP forwarding: I probably have it but didnt know that..

B.Candler@pobox.com
Sat, 10 Oct 1998 11:57:52 +0100

On Sat, Oct 10, 1998 at 02:53:05AM +0200, Jack Lehte wrote:
> I ve installed redhat5.0/kernel 2.0.32(which normally has no IP masquerade
> compiled
> in) and did recompile it for IP_masquerade kernel support, and I can tell
> you that I do not see
> any difference between the kernel with IP masquerade and the one without it:
> Both have exactly the same following files with same contents:
>
> #/proc/net/ip_masquerade:
> Prc From IP F Prt TO IP Tprt Masq Init seq Delta Pdelta Expires (free=4096,$)
> #/proc/net/ip_masqu_app:
> Prot port attach name
> #/proc/net/ip_autofw:
> type prot low High Vis Hi dWhere last cpto cprt timer flags

Those show that the kernel _does_ have IP masquerade compiled in, it just
isn't doing anything at the moment. If you saw that in the first instance,
then there was no need to recompile your kernel. If you didn't, then you
could have just upgraded to

ftp://ftp.redhat.com/pub/redhat/redhat-5.0/updates/i386/kernel-*2.0.35-2*

To masquerade 10.0.0.0-10.255.255.255 addresses:

# ipfwadm -F -a accept -S 10.0.0.0/8 -m

You'll see this rule appear under /proc/net/ip_forward. You won't see
anything in /proc/net/ip_masquerade until there are some active masqueraded
sessions in progress (ipfwadm -M -l will also show them)

> II) But what about the command "ipfwadm" that is actually impossible to run
> on my actual linux
> box recompiled for IP_masquerade?? should I simply download the ipwadm
> package and install it as
> ..???
> And IP_masquerade/forwarding would then run ok on my system??

rpm -Uvh ftp://ftp.redhat.com/pub/redhat/redhat-5.0/i386/RedHat/RPMS/ipfwadm-2.3.0-5.i386.rpm

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/