User Agent: Mutt 0.95i
In-Reply-To: <000301bf089f$f380ccb0$[EMAIL PROTECTED]>; from Andriy
Luchkovsky on Mon, Sep 27, 1999 at 12:22:46AM -0400
On Mon, Sep 27, 1999 at 12:22:46AM -0400, Andriy Luchkovsky wrote:
> > > Is diald working on top of masquerading or instead?
> > Diald is working at a differnt level from the firewall. The firewall
> > looks at all packets so it can figure out whether to allow them in or out
> > and also whether to masquerade them. Diald looks at packets that arrive
> > at the interface it is monitoring so it knows when to dial.
> >
> > They serve different purposes.
>
> So, when I surf the web, IPChains masquerades packets from my other PCs and
> kernel sends them to the default interface (because Internet is not a part
> of my in-home subnet).
Exactly. Except that the masquerading is actually done by the kernel.
IPChains merely tells the kernel to masquerade. Of course, your kernel
has to have the masquerading compiled in.
>At the same time diald is monitoring that default
> interface and when packets arrive to it, diald simply dials and actually
> sends the packets thru ppp0 interface.
> Is this correct?
This is correct when you use the -reroute option to diald in which case,
the proxy interface remains the default and things work as you describe.
The default behaviour is a little different:
After ppp0 is started, diald removes the proxy interface (sl0 or tap0 or
...) and replaces it with ppp0 which then becomes the default interface.
Diald continues to monitor the interface so it knows when it dies or
whether to shut it down, etc, but NOT for packets. The kernel sends
packets directly to ppp0 and ppp0 sends them along to the remote side of
the link. When the link goes down, either by intention or accident,
diald installs the proxy interface again, makes it the default interface
and monitors it for packet arrivals.
I suggest that you also read the Diald and IPChains web pages for more
rigorous descriptions of their operations. My simple explanation does
not do justice to the full functionalities they provide.
--
Gyepi Sam --+-- Designer/Programmer --+-- Network/System Administrator
[EMAIL PROTECTED] --+-- http://www.praxis-sw.com/gyepi
In Boston, it is illegal to hold frog-jumping contests in nightclubs.
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
