Er... you may not have to *build* the port forwarding modules - in fact,
probably not, if you have the RedHat 6.0 or later and did a server install
or a custom install which included networking stuff. However, you may have
to put "insmod" statements into some startup script (I use rc.local) to get
the modules loaded. The modules in question are in
/lib/modules/2.2.5-15/ipv4. I load them in /etc/rc.d/rc.local as follows:
insmod ip_masq_ftp
insmod ip_masq_raudio
insmod ip_masq_autofw
insmod ip_masq_portfw
insmod ppp_deflate
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
There are other ways to load modules (see man pages for "depmod" and
"modprobe" and good luck to you!). You can also re-build the kernel so that
some of these things are bult-in and don't need to be loaded. If this turns
out to be the case, you should see a warning message in your boot.log file.
In order to tunnel into Windows NT VPN networks, I *did* rebuild the kernel
after using John Hardin's PPTP patch, and then I also load these modules:
insmod ip_gre
insmod ip_masq_pptp
FWIW - some of the previous messages in this thread are a good example of
why it is often a pretty horrible task to get things working in Linux -
outdated, misleading, and incorrect. We need to be more careful if we are
going to be helpful instead of just adding to the trouble.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Mr Cornish Rex
Sent: Monday, December 13, 1999 12:14 PM
To: [EMAIL PROTECTED]
Subject: Re: IP Masquerading
There are port forwarding modules in the linux kernel sources
just enable them in the config and then make modules and make
modules_install
from there tho your on your own - I dont use them myself!
On Mon, 13 Dec 1999, KL Davis wrote:
> My site is far from finished, but may offer some help in setting up
IPCHAINS and
> the newer (kernel 2.4.x) IPTABLES... please let me know if it helps at
all?
> What I can do to make it bettter? I hope to have everything posted and be
> "open" by the first of the year...
>
> www.nanux.xom
>
> KL Davis
>
>
> ****************************************
>
> Tim Coleman wrote:
>
> > On Sat, Dec 11, 1999 at 11:01:10PM -0500, Jake Colman wrote:
> > > >>>>> "Mike" == Mike Jagdis <[EMAIL PROTECTED]> writes:
> > >
> > > >> Hello. I'd like to be able to connect throught my masquerading
> > > >> machine to a computer behind it. Is there any method of doing
this?
> > >
> > > Mike> Look at ipmasqadm and use either the portfw or mfw modules.
> > >
> > > Am I missing something or is ipmasqadm NOT part of the RedHat
distribution?
> > > Any idea why not? Are there RPMs for it?
> >
> > Well, if the Red Hat distribution has a 2.2.x kernel as standard, it
> > is likely that it would include ipchains, which supersedes ipmasqadm
> > (and which will itself be superseded in 2.4.x).
> >
> > ipchains, however, does not (at least I think it doesn't) have any
options
> > for port forwarding, etc. So, I'm not sure what the recommended
software
> > to use is for forwarding. But, ipmasqadm should be downloadable off of
> > the Internet. I would recommend a FAQ, but I think any relevant ones
> > are likely quite out of date by now.
> >
> > ttfn
> >
> > Tim
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-diald"
in
> > the body of a message to [EMAIL PROTECTED]
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> the body of a message to [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
