Re: IP masquerade: To work or not to work??

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: David Woodhouse: "Re: fbcon: Boot Logo flickers"
• Previous message: Alexander Kjeldaas: "International kernel patch v2.1.124.2"
• Next in thread: Simon Kenyon: "Re: UDI and Free Software"
• Reply: Simon Kenyon: "Re: UDI and Free Software"

> I did recompile my kernel successfully (no error at make config, make
> zImage, make modules, make module_install..etc) for supportin IP
> masquerade/IP forwarding. I ve selected all The options of kernel's
> recompilation that IP masquerade miniHOWTO did ask me to enable:
> (CONFIG_EXPERIMENTAL, all the IP supports, module, networkin, TCP/IP, PPP,
> everythin! they were all enabled).

> But when I boot with my new kernel, I was surprised to see " DISABLING
> IPV4 PACKET FORWARDING" among my usual bootin messages!

This is a RedHat-ism. Somewhere in the init scripts, it does the
equivalent of

echo 0 > /proc/sys/net/ipv4/ip_forward

which disables forwarding.

> 2)WHAT MAKES THING ITS NOT RECOMPILED ON MY SYSTEM:
> #/proc/net/ip_masquerade:
> Prc From IP F Prt TO IP Tprt Masq Init seq Delta Pdelta Expires (free=4096,$)

This lists *active* masquerading entries. If the file exists, then
masquerading support is compiled in.

> #/proc/net/ip_masqu_app:
> Prot port attach name

This file lists any protocols which have protocol-specific masquerade
support enabled (FTP, IRC, Quake, CU-SeeMe, RealAudio, VDO-live). It
will be empty unless you have loaded one of these modules.

> #/proc/net/ip_autofw:
> type prot low High Vis Hi dWhere last cpto cprt timer flags

Again, this will be empty if no connections are currently being
masqueraded.

> #/proc/net/ip_forward:
> IP firewall forward rules, default 4

This lists the rules for the forwarding firewall (i.e. the same
information that `ipfwadm -Fl' provides).

> #/proc/sys/net/ipv4/ip_forward
> 0 ( theres a "0" under this file!)

Yep. This is the one that controls whether forwarding is enabled.
Typing

echo 1 > /proc/sys/net/ipv4/ip_forward

will enable forwarding.

> #/etc/sysconfig/network
> NETWORKING=yes
> FORWARD_IPV4=false

This is the file which controls whether forwarding is disabled at boot
time. Try changing `false' to `yes'.

> Also..IP masquerade HOWTO asked to add in /etc/rc.d/rc.local following
> arguments:
> /sbin/depmod -a
> /sbin/modprobe ip_masq_ftp
> /sbin/modprobe ip_masq_irc
> ..etc.
> But when I run /sbin/modprobe ip_masq,

Do you mean `/sbin/modprobe ip_masq_ftp' etc?

> my system returns to me the following error:CANT LOCATE MODULE!!

Do the files exist in /lib/modules/<kernel version>/ipv4?

cerise:~$ ls -l /lib/modules/2.0.35/ipv4
total 29
-rw-rw-r-- 1 glynn root 2360 Jul 14 12:21 ip_masq_cuseeme.o
-rw-rw-r-- 1 glynn root 4124 Jul 14 12:21 ip_masq_ftp.o
-rw-rw-r-- 1 glynn root 2956 Jul 14 12:21 ip_masq_irc.o
-rw-rw-r-- 1 glynn root 2740 Jul 14 12:21 ip_masq_quake.o
-rw-rw-r-- 1 glynn root 2892 Jul 14 12:21 ip_masq_raudio.o
-rw-rw-r-- 1 glynn root 2896 Jul 14 12:21 ip_masq_vdolive.o

-- 
Glynn Clements <glynn@sensei.co.uk>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: David Woodhouse: "Re: fbcon: Boot Logo flickers"
• Previous message: Alexander Kjeldaas: "International kernel patch v2.1.124.2"
• Next in thread: Simon Kenyon: "Re: UDI and Free Software"
• Reply: Simon Kenyon: "Re: UDI and Free Software"