/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
From: Jamin W. Collins [mailto:[EMAIL PROTECTED]] > Actually, it is what you are looking for. You're just > looking to use it differently than how the HOWTO assumes. Excellent! I thought my requirements matched what IPMasq was doing, and I was reasonably sure that the HOWTO was just focussing on a different (more common) usage. But as a non-expert, I didn't trust my judgement :-) > If I understand what your're after, you are looking to > make sure that all connections to a client network are > show as originating from the same IP address even though > they are in fact coming from a variety of IP addresses, > this is most certainly NAT. Exactly. I've avoided calling it NAT, because the form of NAT we presently have has tended to be the cause of problems, rather than the solution :-) That's largely down to me not knowing enough to explain the difference between what we (globally) have, and what we (our local group) need... > Here are the basics of what you would need to do. Make > sure that the system you are going to use as the gateway > to the client's network/system, lets call this machine > CG (client gateway) can indeed connect to the client's > network/system. Arrange for all desired internal machines > to have a route(s) added that list the CG as their gateway > to the clients network. Then on the CG system, configure > iptables (or ipchains) to NAT/MASQ all traffic from the > internal machines to the client network. > > The above should work regardless of whether or not > you have one NIC, provided that the CG system has the > appropriate routing information to reach the client's > network/system. It will simply be rewriting the source > portion of the IP packets with it's own IP address and > sending the packets back out the same interface. That's a great help. It ties in with my vague picture of what I thought I was after, and gives me enough specifics that I suspect I'll be able to work the rest out. > If you need assistance in configuring things, I'd be happy > to help. Thanks for the offer. I'll see what I can do on my own - you've already given me the key answer that I need. Thanks, Paul. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
