Hey Everyone,
Ambrose and myself (so far) are getting ready for a serious re-work
of the HOWTO and the MASQ WWW page. I'm asking all of you for ideas,
comments, etc on what you would like to see added/changed/deleted from
both the MASQ WWW page and the HOWTO.
No idea, comment, etc is too small. This is my tentative list in
no particular order. If you would like to contribute to some of
the more esoteric areas (GUI firewall tools, DHCPcd, EQL, etc),
please let us know!
--
MASQ WWW/HOWTO To-do list : v1
Clean up the MASQ WWW page and move all the < 2.0.35 stuff to
a sub-page. Unclutter things.
Update the HOWTO to be multi-distrobution (Redhat, Slackware, etc)
Add a strong IPFWADM ruleset (can use TrinityOS's if we want but
I need to add the proper -k options)
Add IPCHAINS and a strong IPCHAINS ruleset section
Mention the differences of all the redirectors and why
some are better (IPPORTFW) than others (IPAUTOFW)
Make some recommendations to have users NOT compile in
AUTOFW, PORTFW, and TRANS_PROXY if not needed
Add IPFWADM/IPCHAINS ruleset execution from /etc/ppp/ip-up
(now in TrinityOS)
Possibly mention references to some of the GUI IPFWADM tools.
Mason, DotFile Generator, etc. I also think these should
be reviewed and rated since many of them are VERY complicated.
(I also don't think any of them support IPCHAINS yet)
You had mentioned EQL integration but the documentation for
EQL is light at best. Maybe we can recruit someone to write
this for us!
Add Diald notes to the HOWTO
Make recommendations for users to run "ps aux | more" and kill
off all un-needed processes and how to disable them permanently.
Add a multi-nic / multi-masq setup example
Mention the new Dan Kegel "Loose UDP" patch
Mention the PPTP (GRE) patch
Mention the different Idents for MASQ
Rating the differences should be good too
Mention how to get DHCP running for IPFWADM rulesets
Mention that some cablemodem vendors hard-code the MAC address
into their systems. So, if the user had the cablemodem initially
installed on a windows box with a different NIC, they will
have to either call the vendor to get the MAC changed or move
the NIC into the Linux box.
Add a URL to the mini-CuSeeme-HOWTO
Common Q&A (mini-FAQ) section
- Increase the interface's TCP window
- FTP needs the FTP MASQ module
- Problems with MTUs
- don't use /dev/cua0 to /dev/ttyS0
- be sure to add spd_vhi to setserial
Add a masq TESTING section
--
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
