IP Masquerade is a networking function in Linux similar to the one-to-many
(1:Many) NAT (Network Address Translation) servers found in many commercial
firewalls and network routers. For example, if a Linux host is connected to
the Internet via PPP, Ethernet, etc., the IP Masquerade feature allows other
"internal" computers connected to this Linux box (via PPP, Ethernet, etc.) to
also reach the Internet as well. Linux IP Masquerading allows for this
functionality even though these internal machines don't have
an officially assigned IP address.
MASQ allows a set of machines to invisibly
access the Internet via the MASQ gateway. To other machines on the Internet,
the outgoing traffic will appear to be from the IP MASQ Linux server itself.
In addition to the added functionality, IP Masquerade provides the foundation
to create a HEAVILY secured networking environment. With a well built firewall,
breaking the security of a well configured masquerading system and internal
LAN should be considerably difficult to accomplish.
If you would like to know more on how MASQ (1:Many) differs from 1:1 (true) NAT
and Proxy solutions, please see the Section 7.6 FAQ entry.
