On Wed, 31 Jul 2019 at 15:46:39 +0100, Wookey wrote: > What is the modern equivalent of 'ipmasq'? I still miss this tool on a > regular basis and loved what it did. I have not found a replacement > and forever end up looking up runes on the net and doing it by hand > with iptables. ('it' being setting up my machine to listen on > one interface (e.g. to a dev board) and forward everything to/from the > real internet (wifi or ethernet).
Perhaps not the answer you were looking for or expecting, but: NetworkManager? Configure your uplink connection, e.g. wifi, as you usually would, then configure the interface that points to your dev board with method=shared in the [ipv4] section. In nm-connection-editor that's spelled "Shared with other computers"; other GUIs may vary (and simpler UIs for NetworkManager, like the one in GNOME Shell, don't necessarily offer that option). See nm-settings(5) for details. Or if you prefer fewer GUIs, systemd.network(5) networks can be configured with IPMasquerade=yes and IPForward=ipv4, which enables routing according to the routing table (and is documented as not implying any firewalling, so add a firewall if the policy you want is not "any interface relays to any other interface"). > Nor firewalld - perhaps it would do what I want? firewalld is really for firewalling, and not for the various other things that share the netfilter kernel interface. smcv