I've been doing this (masquerading) for some time. Here are answers to
your questions:
1. You do not have to run a proxy, or do anything special on your
client computers. Just set the "default gateway" on all your client
computers to the IP address of the masquerading computer.
2. You cannot DIRECTLY telnet into client computers behind the
masquerading firewall. But you can do it indirectly. First, telnet
into the gateway computer. Then, while inside the telnet client, open
**another** telnet session to the client you want to reach. The client
can not be contacted directly, but the gateway computer can contact it
just fine.
3. All you clients should be able to run quake, irc, ftp, etc
transparently. Special modules are required to "assist" the
masquerading software, but these are included in most distributions by
default.
4. I think it is "moderately" safe. Be sure to restrict the number of
services available on the gateway machine to only those truly needed.
If somebody really wants to trash your computer, I assume they will be
able to find a way. But it should stop most casual krackers.
On Sat, 17 Jul 1999 22:28:53 -0300, Alexandre Souza wrote:
>
> Hi all!
>
> I have a more or less simple doubt, I'm trying to learn it but cannot make
>it become clear to me.
>
> I have an internet dial up. A Linux Box and an internal network. I want to
>give internet acess to all the machines on this network, via the dial up.
>
> Sure, I set up the IP Masquerading in linux and it works. But...my doubts
>are:
>
> 1 - Will the internal clients be set up as proxy clients or the
>masqueraded net will look like a normal internet?
> 2 - Will the external network have acess to the internal network (eg: If I
>want to telnet a machine in my internal network)
> 3 - Will the internal clients use quake, irc, irc, etc...transparently?
> 4 - How safe is it?
>
> Greetz, Alexandre Souza
>
Casey Bralla
Chief Nerd In Residence
The NerdWorld Organisation
http://www.NerdWorld.org
[EMAIL PROTECTED]
