From: "Grant Parnell" <[EMAIL PROTECTED]> To: "Dennis M. Gray" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, January 25, 2004 5:41 PM Subject: Re: [SLUG] Difficulty in configuring ADSL
> What Oscar says is mostly true. It is not a requirement to have a firewall > to solve the routing problem, it's just that for plenty of other reasons > it's a good idea. > The firewall is certainly not to be used to turn on routing. This is NOT what I meant. We do not use the firewall to turn on routing. The firewall is used to turn on IP-MASQUERADING. The firewall like IPCHAINS or IPTABLES is required to IP-MASQUERADE and this is what I meant. > Also, I'm a bit concerned with the 10.x.x.x addresses, these are > designated as private IP space and you won't be able to reach them from > the internet - meaning everything must be masqueraded or go through ISP > proxies. > 10.x.x.x addresses are perfectly OK. Only, you need IP-MASQUERADING. With IP-MASQUERADING I can masquerade 10.x.x.x as valid internet IP-ADDRESS. This is the reason why you need IPCHAINS or IPTABLES or PROXYING. Incidentally, Grant how do you IP-MASQUERADE if you dont turn on IPCHAINS or IPTABLES or in short firewalling ? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
