[SLUG] IP Masq

I use the following simple rules to set up my IP Masq on our network and they
work just fine.

(Using RH6.1 Kernel 2.0.x)

# This is setup for IP Masq
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -S
/sbin/ipfwadm -A -i -P all -W ppp0
echo "IP Masq Enabled"

But I would like the ability to disable a single machine from accessing the net
via IP Masq, and I have been unable to figure out how to do it.

I have located this while looking through the Linux IP Masq website:

# Enable simple IP forwarding and Masquerading
#  NOTE:  The following is an example to only allow IP Masquerading for the
# and machines with a or a "24"
#         bit subnet mask connected to the Internet on interface eth0.
#         ** Please change this network number, subnet mask, and your Internet
#         ** connection interface name to match your internal LAN setup
#         Please use the following in ADDITION to the simple rulesets above for
#         specific MASQ networks.
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -W eth0 -S -D
/sbin/ipfwadm -F -a m -W eth0 -S -D

But this is a bit painful, having to enter an allow by IP; I would rather just
disallow the single address.

Anyone got an idea for this?


Peter McCarthy

