As far as I know masquerading is working only for tcp. Domain services are using mainly udp. Therefor I have running at the firewall a dns server. It takes the requests from internal net and sends them to the outside internet.
Michael -- Michael Steiner, minorgasse 35, A-1140 Vienna, Austria Robert Voigt schrieb: > > I compiled a 2.2.19 kernel because I want to use ipchains and do IP > masquerading. > The ipmasq package description on the debian website says one should enalbe > CONFIG_FIREWALL, CONFIG_IP_FIREWALL, CONFIG_IP_FORWARD, and > CONFIG_IP_MASQUERADE. > > I couldn't find CONFIG_IP_FORWARD in the kernel compile options. I assumed it > was obsolete and went on. > > After installing the kernel and rebooting I installed the ipmasq package from > potato. It printed the following error several times: > > Should I start IP Masquerading? [Y/n] y > Initializing IP Masquerading.../sbin/ipchains: invalid mask `' specified > Try `/sbin/ipchains -h' or '/sbin/ipchains --help' for more information. > > In between these errors it said IP forwarding is not enabled and I should do > echo 1 /proc/sys/net/ipv4/ip_forward > > The file /proc/sys/net/ipv4/ip_forward already contains a "1". > > Now I don't know what to do. > > I cannot connect to the internet from the other box. It says unknown host. > The internal network runs fine otherwise, and /etc/network/interfaces looks > good. The internet connection on this box that I want to use as gatewaw also > works. > > Help would be great. > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
