TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:2381] IP-Masquerading: lost...



Here's the 411 from the kernel help:
--------snip-----------
The IP masquerading code will only work if IP forwarding is enabled
in your kernel; you can do this by saying Y to "/proc filesystem support"
and "Sysctl support" below and then executing a line like 
`echo "1" > /proc/sys/net/ipv4/ip_forward` from a boot time
script after the /proc filesystem has been mounted.
--------snip-----------
It's tough not to say "y" to /proc filesystem support, but the Sysctl is
different in 2.1.x kernels.  In older builds, there ars an option for IP
forwarding directly, thus the HowTo will need to be updated for 2.1.x
kernel builds.  Anyway, I couldn't find the sysctl option in the 2.1.x
series, but you should be allright by toggling the bit in
/proc/sys/net/ipv4/ip_forward from "0" to "1" in rc.local immediately
after the 2nd NIC is initialized (you wouldn't want any misdirected
packets).  Good Luck!

Peter Lukas
Math Systems Office
University of Minnesota

On Sat, 28 Nov 1998, Chad C. Walstrom wrote:

> Ok, all you firewalling gurus out there...  After compiling the kernel
> 2.1.121 with the appropriate options (or so I think), I tried to set the
> firewalling options to enable IP-Masquerading...
> 
> 	root@wookimus:~# ipfwadm -I -f
> 	ipfwadm: setsockopt failed: Protocol not available
> 
> Well.  What does this mean?  Did I miss a kernel option somewhere?
>  (BTW - in the make menuconfig, I couldn't find IP-Forwarding as a
> network option.  Did they include it automatically w/something else?)
> Plus, if I try to do the following:
> 
> 	# ipfwadm -F -l				(List the contents of ip_forward)
> 
> I get something like
> 
> 	Cannot open file /proc/net/ip_forward
> 
> I'm missing something here and I don't know what it is.
> 
> --
> Chewie / Gunnarr
> mailto:chewie@soncom.com
> http://www.soncom.com/chewie
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com
> 
>