[Masq] Re: Port Forwarding and IP Masq , Also Bandwidth Prio ritizing

Wed, 20 Oct 1999 13:24:30 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */


Kramer, Richard <[EMAIL PROTECTED]> wrote:
>
> I think this is a pretty big problem for MASQing in general.  I would
> certainly not bill it as "botched networking".

While the purist in me says that it's botched, the realist in me sees
the reasons why this will continue to happen for a lot of people.  :)

> It would be much better if masqing simply allowed you to refer to
> internal machines by the external masq port AND have the outgoing
> packet MASQ'd (it is going out after all).

You might take an interest in the following message from the masq-dev
mailing list.  I suggest contacting the author to find the latest patch.

    From: Rolf Braun <[EMAIL PROTECTED]>
    To: [EMAIL PROTECTED], [EMAIL PROTECTED],
                [EMAIL PROTECTED], [EMAIL PROTECTED]
    Subject: [Masq-dev] [PATCH] 2.2.10: 2-dir masquerading for
                single-interface port forwarding
    Date: Tue, 29 Jun 1999 12:52:01 -0400 (EDT)
    Message-ID: <[EMAIL PROTECTED]>

    This patch adds a 2-dir (bidirectional) masquerading feature to the
    kernel so that connections can be set up directly through the kernel
    in whichneither side sees the real IP of the other side.  The
    intention of this patch is to provide a way to cleanly forward
    connections over a single interface using the accompanying masq_mbfw
    module, which is mfw modified to use the new code.

    This code can be extremely useful in situations where an internal
    network must access a port-forwarded server on the same network
    using the same IP as the external network, which for us keeps things
    uniform for testing purposes and avoids nasty DNS hacks.  The
    'redir' program can be used to do the same thing in userland, but it
    is more difficult to set up (inetd does not support port ranges, for
    one thing) than mfw/mbfw, and it may be technically slower.

    [...patched snipped... it's huge, and probably out-of-date...]

-- 
   [EMAIL PROTECTED] (Fuzzy Fox)      || "Just about every computer on the market
sometimes known as David DeSimone  ||  today runs Unix, except the Mac (and
  http://www.dallas.net/~fox/      ||  nobody cares about it). -- Bill Joy '85

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES 
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to