/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Hello all, my linux pc lives on a small network with Internet server in it. We share our internet with this serever. The problem is that I pay a lot for this internet access and want to reduce this paying. So I have 2 pcs and have made one of them linux server too. And with this second server i split my internet access with somee other guys. My question is: Does the masquerading work in this case with such a rullset: #rc.masq #this is the iptables initialization script IPTABLES=/usr/local/sbin/iptables LAN="192.168.1.0/24" ANY="0.0.0.0/0" CREAM="52:54:05:C0:95:7D" IVO="00:80:AD:90:3F:6A" IVANOV="00:40:95:30:EE:4F" echo "1" > /proc/sys/net/ipv4/ip_forward $IPTABLES -F $IPTABLES -t nat -F #Enabling forwarding only on some MAC addresses $IPTABLES -A FORWARD -s $LAN -d $ANY -m mac --mac-source $IVANOV -j ACCEPT $IPTABLES -A FORWARD -s $LAN -d $ANY -m mac --mac-source $IVO -j ACCEPT $IPTABLES -A FORWARD -s $LAN -d $ANY -m mac --mac-source $CREAM -j ACCEPT $IPTABLES -A FORWARD -s $ANY -d $LAN -j ACCEPT #Here is my question? #Does this masquerading work fine. Does all the packets seem to be #generated by my server and is there ANY TRAFFIC between the main server #and my clients? $IPTABLES -t nat -A POSTROUTING -s $LAN -j MASQUERADE $IPTABLES -P INPUT ACCEPT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -P FORWARD DROP $IPTABLES -t nat -P POSTROUTING DROP #end of rc.masq _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
