Talkback for article: 151, May2000

Setting up IP-Masquerading

Back to:

From: Ryan Jameson <ryan(at)> [ date: 2000-07-19 ]
Say your linux box has 1 real IP of and
your network machines all have 26.6.5.x, your server
knows that 26.6.5.x is on the local network and it
doesn't use the gateway to reach them. Can the other
machines ip masquerade through the server if it only
has one interface?
From: Guille Klew <guillerk(at)> [ date: 2000-08-23 ]
I just wanted to let u know that your page about IP masquerading
was very useful to me, because it really helped me out in configuring my
intranet using my PC with linux to connect to my ISP, and my sister's PC
(using Win98) connected to mine. I am a newbie and couldn't have done it
by myself
Your page is really cool, and I just wanted to tell you this.
From: jb <test2654(at)> [ date: 2000-09-28 ]
Using SuSE 6.3, I have done these things but cannot get it working. It may be easy to setup only if everything else works properly.

What sort of testing can be done to diagnose the problem. A sample file for rc.config, rc.firewall, networks, hosts etc. seem redundant until something goes wrong.
From: dn <dnel(at)> [ date: 2000-11-22 ]
Many Thanks.
I began using another How-TO but yours gave me the tips I needed (dns settings). I could ping out but not use the web until the dns settings were specified using the roaring penguin drivers.

From: LC <flop(at)> [ date: 2001-01-30 ]
I don't want any local process (ie. Netscape, lynx etc.) to connect to, but I want MASQed machins to be able to connect to that ip. Whow can I do that?
my MASQ is working properly, but if I try this:
ipchains -A output -d -j REJECT
it reject also connections from MASQed machines
Whow can I stop reject local processes connections whitout rejecting MASQed machins connections?
If you can help me, please email me
From: Nigel Ridley <<nospam>ridley_n(at)<nospam>> [ date: 2001-02-16 ]
Great article but am a little confused concerning:

echo "Setting up IP masquerading ..."
# People still using windows to surf the web must convert this
# to a UNIX text file before using it.

How do I convert it to a UNIX text file and where do I save it?

I'm a newbie and some things others might take for granted are still a mystery to me ;(


PS. take the <nospam> out of my email address - just a precaution against spam engines :)
From: ac <ac(at)dev.null> [ date: 2001-05-05 ]
>How do I convert it to a UNIX text file and where do I save it?

Just try the script and see if it works. What the author is talking about is some minor "differences" in how text files are formatted under UNIX/MacOS, and DOS/Windows. Every line will end in a terminating character - a "return" - but these are different among OS's.

If your downloaded version doesn't look right, you'll need a tiny script to repair the file. Sometext editors will do this for you (not an option, it's automatic).

If in doubt, search on for a "carriage return textfile utility" or "CR LF converter", or better yet ask someone on internet relay chat (IRC). There may be a utility on your system already - I forget what the popular names for the programs are.

On Windows, there are some advanced text editors that provide advanced save options.

NOTE: The script may work fine even if it is formatted funny. Try it.
From: Cherry [ date: 2001-06-07 ]
Is there any such thing as Windows IP Masquerading?
Solely windows based with no need to go thru a linux box at all?
if anyone could supply me with some links or the answer i would really appreciate it!!
Thanks In Advance
From: Jon Roar Odden <jon-odd(at)> [ date: 2001-06-11 ]
Thank God for this page... I've tried _everything_ the last two weeks,
but nothing seemed to work. Or nothing _did_ work. I've read ipmasq HOWTO,
ipchains HOWTO and so on. I'm really greatful actually.. This page explained
ip masquerading very easy without all the firewall things all the other pages
Thanks again. -jr
From: Scott [ date: 2001-08-31 ]
Any help on NAT for a web server on the internal network that needs to be made availiable on the internet?
From: Scott [ date: 2001-08-31 ]
Any help on NAT for a web server on the internal network that needs to be made availiable on the internet?
From: Warren Stott <warren(at)> [ date: 2002-04-07 ]
Thanks for having this available. As is the case with many HOW TO's and open documents, the author of the article I was following to set up a dual-homed Proxy/NAT server seems to have lost interest about half way through describing the proceedure. Thanks for the detail and to the point info.
From: L~ <lnelson(at)> [ date: 2004-03-23 ]
This is very informative - I found the diagram of the network to be almost
exactly what I have -

Question -

If the diagram was changed to be a simple home router (D-Link) that gets its info via DHCP how is that relationship set up between the 'out' NIC card
of the Linux box for the DHCP function on the simple router suppose to be set up to work?


13 talkbacks in English
Other talkbacks:   Nederlands Italiano Castellano Deutsch Francais

Due to the increased amount of web spam we have deciced to removed the talkback posting possibility. You can read old talkbacks but you can no longer post new ones.

Back to

Please contact webmaster(at) if you have any questions with regards to this talkback

lftalkback version 3.10