Doug Clements <[EMAIL PROTECTED]> wrote:
>
> Any particular place I should look if I say, wanted to act like I was
> cool and start coding this?  Maybe some kernel programming stuff?  I'm
> not sure exactly what I'm getting into here, but maybe it's not so
> hard.

The main reason you're not having much luck on this list is because
you're assuming that it's an IP Masq issue.  It isn't!  It's a routing
issue.  You see, masquerade only comes into play AFTER the kernel has
already decided how it's going to route the packet that it received. 
The routing table makes the decision of where the packet will go, and
only THEN does the kernel consult the ipfwadm/ipchains rule sets, in
order to decide if that decision should be allowed/denied/masq'd. 
There's really no way to add a rule that says "no wait, I didn't mean to
route it that way, try this instead."  :)

Now, that said, there is considerable code in the development (2.1 and
pre-release 2.2) kernels involving routing.  Just browsing through the
Configure.help file, I found these fun options just waiting to be played
with:

    CONFIG_IP_ADVANCED_ROUTER
      If you intend to run your Linux box mostly as a router, i.e. as a
      computer that forwards and redistributes network packets, say Y; you
      will then be presented with several options that allow more precise
      control about the routing process.


    CONFIG_IP_MULTIPLE_TABLES
      Normally, a router decides what to do with a received packet based
      solely on the packet's final destination address. If you say Y here,
      the Linux router will also be able to take the packet's source
      address into account. Furthermore, if you also say Y to "IP: use TOS
      value as routing key" below, the TOS (Type-Of-Service) field of the
      packet can be used for routing decisions as well.


    CONFIG_IP_ROUTE_MULTIPATH
      Normally, the routing tables specify a single action to be taken in
      a deterministic manner for a given packet. If you say Y here
      however, it becomes possible to attach several actions to a packet
      pattern, in effect specifying several alternative paths to travel
      for those packets. The router considers all these paths to be of
      equal "cost" and chooses one of them in a non-deterministic fashion
      if a matching packet arrives.


    CONFIG_IP_ROUTE_TOS
      The header of every IP packet carries a TOS (Type of Service) value
      with which the packet requests a certain treatment, e.g. low latency
      (for interactive traffic), high throughput, or high reliability. If
      you say Y here, you will be able to specify different routes for
      packets with different TOS values.


Disclaimer:  I don't know how to use any of the above; just pointing out
that they are available.  :)

-- 
   [EMAIL PROTECTED] (Fuzzy Fox)      || "Nothing takes the taste out of peanut
sometimes known as David DeSimone  ||  butter quite like unrequited love."
  http://www.dallas.net/~fox/      ||                       -- Charlie Brown
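
The ordering described in the reply above, as an added example that is not part of the original post and is not kernel code: a simplified Python model in which the route is chosen first (optionally by source address, as CONFIG_IP_MULTIPLE_TABLES allows) and the firewall chain then only attaches a verdict to that choice. All addresses, table names, interface names and function names are constructed for illustration.

```python
import ipaddress

N = ipaddress.ip_network

def lookup(table, dst):
    """Longest-prefix match of dst in one routing table; None if no route."""
    dst = ipaddress.ip_address(dst)
    hits = [(net, dev) for net, dev in table if dst in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def route(rules, tables, src, dst):
    """Walk source-based rules in order; the first table with a route wins."""
    src = ipaddress.ip_address(src)
    for src_net, table_name in rules:
        if src in src_net:
            dev = lookup(tables[table_name], dst)
            if dev is not None:
                return dev
    return None

def forward(rules, tables, fw_chain, src, dst):
    """Routing decision first, firewall chain second (order from the post)."""
    dev = route(rules, tables, src, dst)
    if dev is None:
        return ("unreachable", None)
    src_ip = ipaddress.ip_address(src)
    for src_net, out_dev, verdict in fw_chain:
        if src_ip in src_net and out_dev == dev:
            return (verdict, dev)  # the verdict never changes dev
    return ("DENY", dev)           # constructed default policy

# Constructed sample setup: one LAN, two uplinks (ppp0 and ppp1).
LAN = N("192.168.0.0/16")
TABLES = {
    "main":  [(LAN, "eth0"), (N("0.0.0.0/0"), "ppp0")],
    "isp_b": [(LAN, "eth0"), (N("0.0.0.0/0"), "ppp1")],
}
# Classic behaviour: every source uses the same destination-only table.
RULES_DEST_ONLY = [(N("0.0.0.0/0"), "main")]
# With multiple tables: one subnet is sent to a different table by source.
RULES_BY_SOURCE = [(N("192.168.2.0/24"), "isp_b"), (N("0.0.0.0/0"), "main")]
# Firewall rules: (source net, outgoing interface, verdict).
FW_CHAIN = [(LAN, "ppp0", "MASQ"), (LAN, "ppp1", "MASQ"), (LAN, "eth0", "ACCEPT")]

if __name__ == "__main__":
    for rules in (RULES_DEST_ONLY, RULES_BY_SOURCE):
        print(forward(rules, TABLES, FW_CHAIN, "192.168.2.10", "203.0.113.9"))
```

With the same firewall chain in both runs, only the change of routing rules moves the packet from one uplink to the other.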