Re: Networking with Win95

Thu, 30 Apr 1998 20:22:28 -0400 


> >ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0

> again the tool, -F same as above, -a same as above, m mens masquerade, -S I
> don't know but it's in the IP Masq mini howto =), 192.168.0.0/24 means
> masquerade your subnet, -D means data, 0.0.0.0/0 means forward it to the
> assigned subnet from anywhere (or something like that).

No, this is only partially correct.

 -F 
   This represents a forwarding rule

 -a
   Append this rule to the end of the list of current rules

  m
   This is a masquerading rule

 -S
   source address

 192.168.1.0/24
   This is the network you wish you masquerade, with a 255.255.255.0
   netmask 

 -D 0/0
   This defines `to ANY' address as a destination.

> >I assume that the recent 2.0 series of kernels (the one supplied with RH 5)
> >support IP Masquerade?  I don't need to move to a 2.1 series kernel?  What
> does
> 
> Nope. They only have the bare necessities in there to run your system. The
> normal thing to do is to recompile a new kernel after your finished a fresh
> install, to include drivers for your own hardware, add in patchs to fix
> exploits, etc...

No, this is not good advise.  We need to produce commodity software here.
People can't possibly be expected to recompile their kernel every time.
Unless there is a specific need, it should not be necessary.  Wait for the
next vendor release.  It won't make your system faster, use less memory,
etc..

> Please don't ask me to explain what this all means. Go read the
> kernel-howto and the lilo-howto and the ip-masq-mini-howto. It's all right
> on those documents.

I'm sorry, this is also bad advise.  Why bother to type in all that
information, then preface it with 'please read the docs'.  Point the user
in the direction of the documentation, and _then_ explain any problems if
necessary.  That's why its there.

Especially for a new user.  Nothing is more of a turn-off than to be
forced into doing what will amount to hours of work just to get something
simple done, and unecessarily.  Additionally, the user will only come back
here when he follows your directions, and something goes wrong.

 Dave



-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail [EMAIL PROTECTED] with 
                       "unsubscribe" as the Subject.

Reply via email to