LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   setting up IP Masquerade for linux router (https://www.linuxquestions.org/questions/linux-networking-3/setting-up-ip-masquerade-for-linux-router-3714/)

tyler_durden 06-26-2001 11:23 AM
setting up IP Masquerade for linux router
 
I currently have a cable modem that is shared among several roomates. I also have a linux box that does samba and a bunch of other stuff on the local network. i want to set up a router with linux to share the cable modem. We currently use win2k on the router with internet connection sharing. this works, but i am looking for a better solution.
i have set up and used freesco, but the ip masquerade doesn't allow for certian things that work with win2k nat. for example, age of empires 2 will not work with freesco, but will work with win2k nat.
Is there a way that i can set up ip masquerade to allow most connections, even weird ones like age of empires, and most other games, and still secure the internal network. win2k seems to work fine for this, but i am sure there is a better solution for linux. thanx for the help.

jrmann1999 06-26-2001 03:19 PM
You have run into the problem that most gamers/masqueraders hit at one point or another. The issue is that games like AOE sometimes use Random(but predictable) ports in a certain range. Since your kernel cannot magically find these ports, or realize that it's a game not an intruder it doesn't like them. There are many sites on the net that show you how to enable certain ports. If your truly using ipchains I'd suggest:

www.tsmservices.com/masq/

It's still updated, but with iptables being the big boy on the block it's a bit obsolete. Good luck.

J

jharris 06-26-2001 03:22 PM
Setting up IP Masquerading is very straight forward... Have a look at http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html and http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html (assuming you are on 2.2.).

Once the cable modem is setup on the linux box (a different story, search the forum!) it basically boils downto
Code:
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ
This assumes you are using 192.168.1.x as you IP addresses. You then just set your linux box as the default gateway for your other machines and its job done.

Most things work for me, and there are a lot of additional modules to help when things don't.

HTH

Jamie...

tyler_durden 06-26-2001 05:42 PM
how does win2k masquarading know those. is there a way to allow most incoming connections by default. i am more worried about everything working then security


All times are GMT -5. The time now is 06:23 AM.