newbie question !!

[prashant]

hello friend   i am new to this world (firewall), i want to implement firewall on linux box networks 1> external network 2> DMZ 3> internal network (192.168.x.x) with either proxy or masquarading   i am confused 1>if i use application gateway (FWTK etc) for internal to external or DMZ then i have to disable ip forwading is this correct ?why ?  and what about ip masquarading ? 2> if i  masquarade internal network (192.168.x.x) with single real static ip, and will use ipchains for filtering the traffic then is this possible with ip forwarding disabled its obvious to eneble masquarading in this case    i am actually not getting when to turn on forwarding and masquarading  ,i am following diff links and have goen through many docs explaining but i havt found any mentioning this clearly   please tell me what exactly happens when one turns on ip forwading and same for ip masquarading   please guide me , and ya really sorry for asking such silly question   with warmest regards Prashant Desai