Re: [Masq] question about LARGE numbers of masqed machines

Sat, 18 Sep 1999 07:37:25 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */



Hi Dave --
        Sounds like a lot of fun. I don't think you'll need a rule for
every machine, though, as you can have network addresses for the source
and destination addresses, i.e. I have a 10.0.0.0/24 network, and that is
how it appears in my ipchains rules:

/sbin/ipchains -A input -j ACCEPT -s 0/0 80 -d 10.0.0.0/24 1024: -p tcp

That way, you don't have to add a pair of rules every time you add a box.
Of course, you can write a shell or perl script that will do that for you
in order to save you from carpal tunnel. You probably know enough
shell/perl to figure that out, though, so I won't go into that. 

Have fun --
Dan


Dan Debertin
[EMAIL PROTECTED]

On Wed, 15 Sep 1999 [EMAIL PROTECTED] wrote:

> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
> 
> 
> 
> G'day folks,
>               I am considering using a decent Linux machine to use as an IP Masq
> box. It would have two gigabit ethernet cards and would potentially
> "hide" 2000-3000 machines.
> 
> Are there any problems that I might encounter? This machine would need
> to keep track of the megabytes sent and received hence the need for one
> HUGE table of ipfwadm-type commands, i.e. one line for each user for
> each direction.
> 
> Any general comments on this scale of things?
> 
> Thanks for any info on this, Dave.
> 
> 
> -- 
> David Ryan - [EMAIL PROTECTED]    http://www.snowy.net.au
> Smart Radio Systems Phone: 02 64525555   Fax: 02 64524317
> Cooma, NSW 2630, Australia
> 
> 
> _______________________________________________
> Masq maillist  -  [EMAIL PROTECTED]
> Admin requests can be handled at http://www.indyramp.com/masq-list/
> or email to [EMAIL PROTECTED]
> 
> PLEASE read the HOWTO and search the archives before posting.
> You can start your search at http://www.indyramp.com/masq/
> Please keep general linux/unix/pc/internet questions off the list.
> 


_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES 
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to