>From the Masq. HOWTO (whose long examples would be relevant for a
firewalling-from-scracth HOWTO...) I eventually figured out that what
I need is::
/sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
This works fabulously. I already have a firewall setup by RH-Lokkit
(internal network fully trusted, modem not trusted), to which I add
this single masqerading line. My question is: does the masquerading
open any holes not normally accounted for in firewalls? Should I take
additional firewalling steps or is it OK (assuming Lokkit's protection
is fine for me)?
--
Beni Cherniavsky <[EMAIL PROTECTED]>
Look, Mom, no viruses! [Hint: I use GNU/Linux]
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
