/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Hey Everyone,
Fuzzy Fox is 100% on target. Functionality like this has NOTHING to
do with IPCHAINS and everything to do with the routing mechanism on
the Linux server.
Even with IPROUTE2 in place on the Linux server, it does NOT currently
support ALIASED interfaces (eth0:1, etc). I just emailed the author
of IPROUTE2 to see if he could add this feature in the future but we'll
see what he has to say.
Regardless, I *WILL* add this question to the FAQ of the IP Masq HOWTO.
Yet, even if the functionality were available in IPROUTE2, I won't
cover it. It doesn't have anything to directly do with IPMASQ.
Ok?
--David
At 11:16 AM 8/31/99 -0500, Fuzzy Fox wrote:
>/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
>
>
>
>Paul Witting <[EMAIL PROTECTED]> wrote:
>>
>> > Is it possible to specify a masq such that outbound packets from, say,
>> > 192.168.0.100 are rewritten to appear as if they originated at the
>> > "eth0:1" address, "172.17.2.8", rather than the default "eth0" address?
>
>This is getting to be a real FAQ around here, so I think it's important
>to nail down this answer so that it can be documented somewhere.
>
>> This CAN be done. The trick is to somehow route the packets so that
>> their destination is eth0:0 instead of eth0.
>
>And this is the important key. I've been telling people for months now
>that it's the ROUTE TABLE that determines where your packets get sent.
>People are always asking how to set up an ipchains rule that sends these
>packets this way, or those packets that way. IT CAN'T BE DONE. Not
>with ipchains. Ipchains determines what happens to a packet AFTER IT
>HAS BEEN ROUTED. The kernel decides which way the packet is going to
>go, and THEN it consults the ipchains rulesets, to determine *IF* the
>forwarding should be allowed, *and* if it should be masqueraded during
>forwarding.
>
>So, if your default route points out the eth0 interface, then THAT is
>the IP address your packets will masquerade as. If you manage to get
>your default route pointing to eth0:1, then THAT is the IP address that
>your packets will have. It's that simple. Or that complex.
>
>I guess I need to start learning about the other routing packages
>available if I'm gonna start being any real help around here. :)
>
>Masq maillist - [EMAIL PROTECTED]
>Admin requests can be handled at http://www.indyramp.com/masq-list/
>or email to [EMAIL PROTECTED]
>
>PLEASE read the HOWTO and search the archives before posting.
>You can start your search at http://www.indyramp.com/masq/
>Please keep general linux/unix/pc/internet questions off the list.
>
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
