On Tue, 2 Jul 2002, Jan Humme wrote: > No, I just wanted to point out that masquerading provides an easy way to get > the desired results.
It does, true, but the howto recommends not using MASQ for static IPs. If I had just done what told me what to do instead of worrying about problems that didn't exist, I wouldn't have had to post this question to begin with. :) > On the other hand, taking into consideration the elegance of a one-line > masquerading rule (one test) vs. your 4-line solution (more tests), would you > still argue that a masquerading solution is less efficient? Without a doubt, the (slightly) faster, (slightly) more complex solution is better. It takes all of 30 minutes (if you're easily distracted) to get this part of your firewall up and running, but it'll route packets for months using the rules you choose.
