David Talkington wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Barry L. Kline wrote:
>
> >> I leave my firewall and masquarading rules in place
> >> permanently, and let pppd handle route changes dynamically with the
> >> defaultroute option. Is your setup too complex for that to work for
> >> you (e.g., you don't want all clients to have access to ppp0)?
> >>
> >
> >I thought I'd need the IP
> >address of PPP0 for the firewall and masq to work correctly.
>
> No, for masquarading, you only need to specify the source network,
> which is internal and therefore known:
>
> /sbin/ipchains -A forward -s 192.168.1.0/16 -j MASQ
>
> And your firewall rules may specify the ppp0 interface for inbound
> packets, so you don't need to know your current IP. For example:
>
> /sbin/ipchains -A input -i ppp0 -p tcp ! -y -j ACCEPT
>
> (That accepts everything from ppp0 except syns.)
>
I'll be darned -- after so long of using the IP address of PPP0 I just
assumed that's the way it was done. Thanks very much David for
pointing me in the right direction. Now that I know that (slapping
head DUH) I'll have no trouble getting the rest done.
Best regards,
Barry
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
