[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipmasq diald and mail





Joe wrote:

> Put this in your rc.local so it will enable at boot.
>
> /sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> /sbin/ipfwadm -F -p deny
>
> Correct the ip entry to match your internal network
> addresses.  Every machine must have an ip within this
> class C, make the linux box .1, which will be the
> gateway for all the other machines you wish to serve
> tcp/ip to.
>
> That's all there is to it.  Of course your kernel needs
> to have ip_masq support compiled.
>
> Joe

Hi

the ip-masq commands above will cause my linux
box to use ip-masq for my internal network, but
what about protecting my linux-box itself ?
if i deny network I/O with ipfwadm on my linux, it will
deny also masqurading for the internal net.

regards
erez