On Tue, Mar 25, 2003 at 08:41:59AM +0530, Binand Raj S. wrote: > On Mon, Mar 24, 2003 at 09:24:46AM +0530, Dileep M. Kumar wrote: > ##################################################################### > ## Masquerade everything out eth0 for all machines > ##################################################################### > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>>Note that this is the worst way of masquerading private traffic onto a >>public network. I personally do not recommend setting up NAT this way. >>(Hint: Where are you checking the source of the packet?) Yes. That is not the firewall script which I use. See Rusty's 3 line MASQ script. It is not for direct use. > Warning: If your private network contains any vital information, think > carefully in terms of SECURITY before implementing IP Masquerade. By > default, IP MASQ becomes a GATEWAY for you to get onto the Internet, > but it also can allow someone from the Internet to possibly get into > your internal network. >>Huh? What nonsense. Can you tell us how that is possible?? Better ask Mr. David A. Ranch <[EMAIL PROTECTED]> http://tldp.org/HOWTO/IP-Masquerade-HOWTO/ipmasq-compiling3.0.html Regards -- .''`. Dileep M. Kumar <[EMAIL PROTECTED]> : :' : http://www.kumarayil.net `. `'` `- Debian GNU/Linux - Choice of the Freedom Lovers ------------------------------------------------------- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
