NOTE: Most modern Linux Section 7.1 that
natively come with 2.0.x kernels are typically modular kernels and have
all the IP Masquerade functionality already included. In such cases,
there is no need to compile a new Linux kernel. If you are UPGRADING your
kernel, you should be aware of other programs that might be required and/or
need to be upgraded as well (mentioned later in this HOWTO).
A properly configured and running TCP/IP network running on the Linux machine
as covered in Linux
NET-3-4 HOWTO and the Network Administrator's GuideAlso check out the
TrinityOS document which is also authored by David Ranch. TrinityOS is
a very comprehensive guide to Linux networking. Topics include IP MASQ,
security, DNS, DHCP, Sendmail, PPP, Diald, NFS, IPSEC-based VPNs, performance
issues, and many more. There exists over fifty sections in all!
Know how to configure, compile, and install a new Linux kernel as described in
the Linux Kernel
HOWTO. This HOWTO does cover kernel compiling but only for IP
Masquerade related options.
Here is a list of IP Masquerading patches for 2.0.x kernels:
If you are going to port forward FTP traffic to an internal FTP server, you
might need to download Fred Viles's FTP server patch via HTTP or
Fred
Viles's FTP server patch via FTP. The reason for "might" is that some
users have had success without the use of these pathches, while others need it.
Explicit details on this topic can be found in Section 6.7 of
this HOWTO.
PPTP (GRE) and SWAN (IPSEC) VPNs tunneling forwarders:
If you plan connecting an internal MASQed PC to a remote PPTP server,
you MUST INSTALL the PPTP-Masquerade kernel patch available from the URLsbelow.
If you plan on having external PPTP users connect to an internal masqueraded
PPTP server, not only do you need the kernel patch installed but you also need
PORTFW support enabled in the kernel. Please see the following URLs for the
patches and more information: