Try ipchains. Here is my sample ipchains rule set for a LAN and WAN connection.
<<< begin 2 cut
#!/bin/sh
#############
# Variables #
#############
CLASS_A="10.0.0.0/8"
CLASS_B="172.16.0.0/12"
CLASS_C="192.168.0.0/16"
LOOPBACK="127.0.0.0/8"
# With a /3 mask this is the same as 224.0.0.0/3: classes D and E (224.0.0.0 - 255.255.255.255).
MULTICAST="240.0.0.0/3"
BROADCAST_0="0.0.0.0"
BROADCAST_1="255.255.255.255"
PRIVILEGED_PORTS="0:1023"
UNPRIVILEGED_PORTS="1024:65535"
SSH_PORTS="1020:1023"
########################################
# Set the system location of ipchains. #
########################################
IPCHAINS=`which ipchains`
##############################################################################
# Enter the device you use to connect to the Internet (ppp0, eth0, etc.) for #
# your external interface, and the card you use for your internal network. #
##############################################################################
EXTERNAL_INTERFACE="eth0"
INTERNAL_INTERFACE="eth1"
LOOPBACK_INTERFACE="lo"
ANYWHERE="0.0.0.0/0"
######################
# Media One Servers. #
######################
DHCP_SERVERS="24.128.0.0/16"
SMTP_SERVERS="smtp.ne.mediaone.net/31"
POP_SERVER="pop.ne.mediaone.net"
NEWS_SERVER="news.ne.mediaone.net"
##############################################################################
# Cut out the IP Address of the machine from the ifconfig listing. We #
# assume that this script for the firewall is being run after the Internet #
# connection has been made. Therefore, we should already have an IP Address #
# at this point. First we grab the Internet IP Address on eth0 ... #
# (match "inet addr" rather than "inet" so an inet6 line is never picked up) #
##############################################################################
IP_ADDRESS_0=`ifconfig $EXTERNAL_INTERFACE | grep 'inet addr' | cut -d : -f 2`
IP_ADDRESS_0=`echo $IP_ADDRESS_0 | cut -d ' ' -f 1`
NETMASK_0=`ifconfig $EXTERNAL_INTERFACE | grep Mask | cut -d : -f 4`
EXTERNAL_NETWORK="$IP_ADDRESS_0/$NETMASK_0"
# Stop here if no address was found: with IP_ADDRESS_0 empty, the rules below
# would be malformed and ipchains would load only part of the set.
if [ -z "$IP_ADDRESS_0" ]; then
    echo "$0: no IPv4 address on $EXTERNAL_INTERFACE" >&2
    exit 1
fi
##############################################################################
# ... and then we grab the IP Address of our internal network on eth1. The #
# nice thing about this script is that even if we make changes to our eth1 #
# and how we mask out our internal network, we don't have to make any #
# changes here in the script. #
##############################################################################
IP_ADDRESS_1=`ifconfig $INTERNAL_INTERFACE | grep 'inet addr' | cut -d : -f 2`
IP_ADDRESS_1=`echo $IP_ADDRESS_1 | cut -d ' ' -f 1`
NETMASK_1=`ifconfig $INTERNAL_INTERFACE | grep Mask | cut -d : -f 4`
INTERNAL_NETWORK="$IP_ADDRESS_1/$NETMASK_1"
if [ -z "$IP_ADDRESS_1" ]; then
    echo "$0: no IPv4 address on $INTERNAL_INTERFACE" >&2
    exit 1
fi
##############################################################################
# Now, grab the IP Addresses of the nameservers and assign them to the #
# appropriate variables. This will make it easy to allow these machines #
# through, even if they change. #
##############################################################################
NAMESERVER_1=24.128.232.6
NAMESERVER_2=24.126.16.6
NAMESERVER_3=24.128.1.81
NAMESERVER_4=199.0.65.2
NAMESERVER_5=199.0.65.8
NAMESERVER_6=199.0.65.9
##############################################################################
# Turn on anti-spoofing on all interfaces because we do not have any #
# asymmetric routing. #
##############################################################################
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $f; done
##############################################################################
# Flush all of the old rules from the firewall, if any exist. Start with a #
# clean slate. #
##############################################################################
$IPCHAINS -F input
$IPCHAINS -F output
$IPCHAINS -F forward
###########################
# Set the default policy. #
###########################
$IPCHAINS -P input DENY
$IPCHAINS -P output ACCEPT
$IPCHAINS -P forward DENY
##########################################################################
# Deny any packets claiming to be from one of the non-routable networks. #
##########################################################################
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $CLASS_A -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -d $CLASS_A -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $CLASS_B -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -d $CLASS_B -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $CLASS_C -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -d $CLASS_C -j DENY
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -s $CLASS_A -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -d $CLASS_A -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -s $CLASS_B -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -d $CLASS_B -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -s $CLASS_C -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -d $CLASS_C -j REJECT
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $LOOPBACK -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -d $LOOPBACK -j DENY
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -s $LOOPBACK -j REJECT
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -d $LOOPBACK -j REJECT
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $BROADCAST_1 -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -d $BROADCAST_0 -j DENY
$IPCHAINS -A input -i $EXTERNAL_INTERFACE -s $MULTICAST -j DENY
#######################
# Allow incoming ICMP #
#######################
$IPCHAINS -A input -p icmp -s $ANYWHERE -d $IP_ADDRESS_0 -j ACCEPT
#######################
# Allow outgoing ICMP #
#######################
$IPCHAINS -A output -p icmp -s $IP_ADDRESS_0 -d $ANYWHERE -j ACCEPT
$IPCHAINS -A output -p icmp -s $INTERNAL_NETWORK -d $ANYWHERE -j ACCEPT
##############################################################################
# Allow full communication on our internal network between all machines on #
# the internal network. #
##############################################################################
$IPCHAINS -A input -i $INTERNAL_INTERFACE -s $INTERNAL_NETWORK -j ACCEPT
$IPCHAINS -A output -i $INTERNAL_INTERFACE -d $INTERNAL_NETWORK -j ACCEPT
##########################################
# Allow access for the loopback adapter. #
##########################################
$IPCHAINS -A input -i $LOOPBACK_INTERFACE -j ACCEPT
$IPCHAINS -A output -i $LOOPBACK_INTERFACE -j ACCEPT
###################
# DNS Client (53) #
###################
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_1 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_2 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_3 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_4 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_5 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $NAMESERVER_6 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_1 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_2 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_3 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_4 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_5 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE -s $NAMESERVER_6 53 \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_1 53 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_2 53 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_3 53 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_4 53 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_5 53 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_6 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_1 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_2 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_3 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_4 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_5 53 -j ACCEPT
$IPCHAINS -A output -p tcp -i $EXTERNAL_INTERFACE \
-s $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -d $NAMESERVER_6 53 -j ACCEPT
###################
# DNS Server (53) #
###################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 53 -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 53 -j ACCEPT
########################
# FTP Client (20 & 21) #
########################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 21 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 20 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
########################
# FTP Server (20 & 21) #
########################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 21 -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 20 -j ACCEPT
# Passive-mode data connections. Note this rule has no "! -y", so it accepts
# new inbound connections to *any* unprivileged port on the firewall, not just
# the FTP data range. Narrow it to your FTP daemon's passive port range if you can.
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
####################
# SSH Client (22) #
####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 22 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 22 -d $IP_ADDRESS_0 $SSH_PORTS -j ACCEPT
######################
# Telnet Client (23) #
######################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 23 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
######################
# Telnet Server (23) #
######################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 23 -j ACCEPT
####################
# SMTP Client (25) #
####################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 25 -j ACCEPT
####################
# SMTP Server (25) #
####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $SMTP_SERVERS 25 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
#####################
# Whois Client (43) #
#####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 43 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
#########################
# DHCP Client (67 & 68) #
#########################
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $DHCP_SERVERS 67 \
-d $IP_ADDRESS_0 68 -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $DHCP_SERVERS 67 \
-d $BROADCAST_1 68 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $BROADCAST_0 68 -d $DHCP_SERVERS 67 -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $BROADCAST_0 67 \
-d $BROADCAST_1 68 -j ACCEPT
$IPCHAINS -A output -p udp -i $EXTERNAL_INTERFACE \
-s $BROADCAST_0 68 -d $BROADCAST_1 67 -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $DHCP_SERVERS 67 \
-d $ANYWHERE 68 -j ACCEPT
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE -s $ANYWHERE 67 \
-d $IP_ADDRESS_0 68 -j DENY
######################
# Finger Client (79) #
######################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 79 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
####################
# HTTP Client (80) #
####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 80 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
####################
# HTTP Server (80) #
####################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE $UNPRIVILEGED_PORTS -d $IP_ADDRESS_0 80 -j ACCEPT
####################
# POP Client (110) #
####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $POP_SERVER 110 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
#####################
# Auth client (113) #
#####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 113 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
#####################
# Auth server (113) #
#####################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE \
-s $ANYWHERE -d $IP_ADDRESS_0 113 -j REJECT
#####################
# News Client (119) #
#####################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $NEWS_SERVER 119 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
######################
# HTTPS Client (443) #
######################
$IPCHAINS -A input -p tcp ! -y -i $EXTERNAL_INTERFACE \
-s $ANYWHERE 443 -d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j ACCEPT
####################
# Trusted Networks #
####################
# Hostname-based rules are resolved once, when this script loads, so they are
# only as trustworthy as the DNS answer at that moment and go stale if the
# hosts change address. Prefer fixed addresses here where you can.
$IPCHAINS -A input -s 209.113.135.0/24 -d $IP_ADDRESS_0 -j ACCEPT
$IPCHAINS -A input -s frith.ne.mediaone.net -d $IP_ADDRESS_0 -j ACCEPT
$IPCHAINS -A input -s danclark.ne.mediaone.net -d $IP_ADDRESS_0 -j ACCEPT
$IPCHAINS -A input -s dunamis.ne.mediaone.net -d $IP_ADDRESS_0 -j ACCEPT
#############################################################################
# Set telnet, www and FTP for minimum delay - This section manipulates the #
# Type Of Service (TOS) bits of the packet. For this to work, you must have #
# CONFIG_IP_ROUTE_TOS enabled in your kernel. #
#############################################################################
$IPCHAINS -A output -p tcp -d $ANYWHERE www -t 0x01 0x10
$IPCHAINS -A output -p tcp -d $ANYWHERE telnet -t 0x01 0x10
$IPCHAINS -A output -p tcp -d $ANYWHERE ftp -t 0x01 0x10
#############################################################################
# Set FTP data for maximum throughput - This section manipulates the Type #
# Of Service (TOS) bits of the packet. For this to work, you must have #
# CONFIG_IP_ROUTE_TOS enabled in your kernel. #
#############################################################################
$IPCHAINS -A output -p tcp -d $ANYWHERE ftp-data -t 0x01 0x08
#################################################
# Deny everything else hitting the input chain. #
#################################################
$IPCHAINS -A input -p tcp -i $EXTERNAL_INTERFACE -d $IP_ADDRESS_0 -j DENY
$IPCHAINS -A input -p udp -i $EXTERNAL_INTERFACE \
-d $IP_ADDRESS_0 $UNPRIVILEGED_PORTS -j DENY
$IPCHAINS -A output -p icmp -i $EXTERNAL_INTERFACE -s $IP_ADDRESS_0 5 -j DENY
#$IPCHAINS -A input -p icmp -i $EXTERNAL_INTERFACE \
# -s $ANYWHERE 5 13 14 15 16 17 18 -d $IP_ADDRESS_0 -j DENY
##############################################
# Allow everything else on the output chain. #
##############################################
$IPCHAINS -A output -i $EXTERNAL_INTERFACE -s $IP_ADDRESS_0 -j ACCEPT
#############################################################################
# Masquerade the internal network so we have access to the Internet through #
# our connection on the $EXTERNAL_INTERFACE. #
#############################################################################
$IPCHAINS -A forward -i $EXTERNAL_INTERFACE -s $INTERNAL_NETWORK -j MASQ
<<< end
mail main at : [EMAIL PROTECTED]
web f51.w3.to
linux project LinuxMelayu.w3.to
web mail f51.i-p.com
icq #781787
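The script above derives its addresses with `ifconfig | grep inet | cut`, which gives an empty or wrong value if the interface has no IPv4 address or an inet6 line is matched first, and it hands ipchains a raw `address/netmask` pair without checking either. What follows is an added example, not code from the original post or from any of the people in this thread: the same extraction step done with a stricter match and explicit checks, plus the network-address and prefix-length arithmetic that the script leaves to ipchains. `SAMPLE_IFCONFIG` is constructed ifconfig-style output and the function names are my own; on a live system the functions would be fed `ifconfig "$INTERFACE"` instead.

```sh
#!/bin/sh
# Added example, not part of the original post: derive an interface's IPv4
# address, netmask and network/prefix, with validation, from ifconfig-style
# output. SAMPLE_IFCONFIG is constructed sample output.

SAMPLE_IFCONFIG='eth1      Link encap:Ethernet  HWaddr 00:11:22:33:44:55
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::211:22ff:fe33:4455/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1'

# IPv4 address only. Matching "inet addr:" rather than a bare "inet" keeps the
# "inet6 addr:" line from being picked up.
iface_addr() {
    printf '%s\n' "$1" | sed -n 's/^.*inet addr:\([0-9.]*\).*$/\1/p' | head -n 1
}

# Dotted-quad netmask from the same output.
iface_mask() {
    printf '%s\n' "$1" | sed -n 's/^.*Mask:\([0-9.]*\).*$/\1/p' | head -n 1
}

# Dotted-quad netmask -> prefix length. Fails (no output, status 1) on a
# non-contiguous mask such as 255.0.255.0 or on anything that is not four octets.
mask_to_prefix() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    bits=0; seen_zero=0
    for octet in "$@"; do
        case "$octet" in
            255) [ "$seen_zero" -eq 0 ] || return 1; bits=$((bits + 8)) ;;
            254|252|248|240|224|192|128)
                [ "$seen_zero" -eq 0 ] || return 1
                n=$octet
                # Count the leading one bits by shifting them out one at a time.
                while [ "$n" -ne 0 ]; do bits=$((bits + 1)); n=$(( (n << 1) & 255 )); done
                seen_zero=1 ;;
            0) seen_zero=1 ;;
            *) return 1 ;;
        esac
    done
    echo "$bits"
}

# Network address = address AND netmask, octet by octet.
network_addr() {
    addr=$1; mask=$2
    oldifs=$IFS; IFS=.
    set -- $addr; a1=$1; a2=$2; a3=$3; a4=$4
    set -- $mask; m1=$1; m2=$2; m3=$3; m4=$4
    IFS=$oldifs
    echo "$((a1 & m1)).$((a2 & m2)).$((a3 & m3)).$((a4 & m4))"
}

# What the script builds as INTERNAL_NETWORK="$IP/$MASK", here as network/prefix.
# Fails if the interface has no IPv4 address instead of yielding a bare "/".
iface_network() {
    addr=$(iface_addr "$1"); mask=$(iface_mask "$1")
    [ -n "$addr" ] && [ -n "$mask" ] || return 1
    prefix=$(mask_to_prefix "$mask") || return 1
    echo "$(network_addr "$addr" "$mask")/$prefix"
}

iface_network "$SAMPLE_IFCONFIG"   # 192.168.1.0/24
```

Because `iface_network` returns a non-zero status when it cannot find an address or the mask is malformed, a firewall script can test it and refuse to load rules rather than installing a half-broken set.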
-----Original Message-----
From: "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> on behalf of "Sheridan Hawken"
<[EMAIL PROTECTED]>
Sent: Friday, November 03, 2000 6:08 AM
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Cc: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: [expert] IP Masquerading
Hi Jon,
I would use port forwarding. The rule in ipchains looks like this:
/usr/sbin/ipmasqadm portfw -a -p tcp -L InternetIP Port -R InternalIP Port
/usr/sbin/ipmasqadm portfw -a -p tcp -L xxx.xxx.xxx.xxx 80 -R xxx.xxx.xxx.xxx 80
(this allows HTTP through to an internal machine)
There are some good how-to docs on ipchains at www.linuxdoc.org that can tell you more
about it.
Sheridan
Jon Greisz wrote:
> I'm a Linux newbie. I've set up a machine with Mandrake 7.1 that I'm about to
> convert to 7.2. I want to use it as a firewall between my internal network and my
> outside T1. I've got a firewall script set up using IPChains that seems to work
> pretty well. I created and used internal network IP addresses.
>
> I've got several machines where I would like certain ports to get through the
> firewall. I have assigned Internet IP addresses for these machines that I would like
> to translate to my internal IPs, and reverse it going out. But only on certain
> ports.
>
> What is the best approach for this?
>
> Thanks,
>
> Jon Greisz
>
> *********** REPLY SEPARATOR ***********
>
> On 11/2/00 at 8:45 AM Mark Johnson wrote:
>
> >Yes, this looks like another eruption of off-topic posts... IMHO, VB should
> >be ported because that is the only way to achieve portability for MS Office
> >documents. StarOffice is really cool but ultimately not feasible if you are
> >exchanging documents with a group of MS Office folks. Unfortunately, VB
> >would bring office products closer to managing that feasibility.
> >Unfortunately, VB is not an elegant language but it suits its purpose. Too
> >bad tcl, perl, python, java, or javascript weren't used for building these
> >dynamic docs. But those languages present quite a learning curve; this was
> >VB's strength. Also, it enabled MS to lock in a lot of folks to its
> >proprietary ways of doing things.
>
> ------------------------------------------------------------------------
> Keep in touch with http://mandrakeforum.com:
> Subscribe the "[EMAIL PROTECTED]" mailing list.