On Fri, Oct 20, 2000 at 12:44:37PM -0700, Stephen nyc wrote: > Can someone point me in the right direction to find a > good basic script with documentation that works with > debian? Unfortunately, I don't have as much time as I > would like to dig into the internals on ip-chains at > this time. Someday...
Try out the ipmasq package. From the description: This package contains scripts to initialize IP Masquerade for use as a firewall. IP Masquerade is a feature of Linux that allows an entire network of computers to be connected to another network (usually the Internet) with only one network address on the other network. IP Masquerade is often referred to as NAT (Network Address Translation) on other platforms. By default, this package configures the system as a basic forwarding firewall, with IP spoofing and stuffed routing protection. The firewall will allow hosts behind the firewall to get to the Internet, but not allow connections from the Internet to reach the hosts behind the firewall. However, ipmasq now features a very flexible framework where you can override any of the predefined rules if you so choose. It also allows you to control if the rules are reinterpreted when pppd brings a link up or down. This package should be installed on the firewall host and not on the hosts behind the firewall. IP Masquerade requires the kernel to be compiled with CONFIG_FIREWALL, CONFIG_IP_FIREWALL, CONFIG_IP_FORWARD, and CONFIG_IP_MASQUERADE
