[plug] Req hints on a masq/proxy box
Ian Kent
ian.kent at pobox.com
Mon Aug 17 08:29:43 WST 1998
On Mon, 17 Aug 1998, The Thought Assassin wrote:
>> Does anyone have any hints and tips on setting up a masq. box (with a
>> proxy server if possible) or is this a case of following the HOWTO docs?
>The HOWTOs are pretty good, but not so easy when you first read them.
>A proxy is just about the easiest thing you could install. Basically, you
>dpkg -i squid.deb and you will have a fully functional proxy on port 3128.
>
>Masquerading is not a great deal harder. On a 2.0 kernel with masq built
>in, and ipfwadm installed. (ipfwadm.deb :)
>ipfwadm -F -a accept -m -S 192.168.1.0/255.255.255.0
>(IP FireWalling ADMinistration, -F orwarding rules, -a ppend a rule: "accept,
>for forwarding, but -m asquerade packets with a -S ource address of 192.168.1.0
>/255.255.255.0")
>will be enough to masquerade that subnet.
>Some protocols will need:
>insmod /lib/modules/<ker-ver>/ipv4/ip_masq_<protocol>.o
>to work properly, notably ftp and irc. You might as well just do:
>insmod /lib/modules/<ker-ver>/ipv4/ip_masq_*.o
>
I have a setup that is designed to allow mostly outgoing only connections
for specific services, with masquerading, which I would be glad to forward to
you and discuss with you. It is only a little similar to the HOWTO now. It fits
into a RH config but I am sure that you will be able to adapt it and perhaps
point out its flaws.
Ian
More information about the plug
mailing list