2.8. Requirements for IP Masquerade on Linux 2.0.x

" ** Please refer to IP Masquerade Resource for the latest information. ** "

• Any decent computer hardware. See Section 7.2 for more details.

• The 2.0.x kernel source is available from http://www.kernel.org/.

  NOTE: Most modern Linux Section 7.1 that natively come with 2.0.x kernels are typically modular kernels and have all the IP Masquerade functionality already included. In such cases, there is no need to compile a new Linux kernel. If you are UPGRADING your kernel, you should be aware of other programs that might be required and/or need to be upgraded as well (mentioned later in this HOWTO).

• Loadable kernel modules, preferably 2.1.85 or newer is available from http://home.pi.se/blox/modutils/index.html or ftp://ftp.kernel.org/pub/linux/utils/kernel/modutils (modules-1.3.57 is the minimal requirement)

• A properly configured and running TCP/IP network running on the Linux machine as covered in Linux NET HOWTO and the Network Administrator's GuideAlso check out the TrinityOS document which is also authored by David Ranch. TrinityOS is a very comprehensive guide to Linux networking. Topics include IP MASQ, security, DNS, DHCP, Sendmail, PPP, Diald, NFS, IPSEC-based VPNs, performance issues, and many more. There exists over fifty sections in all!

• Connectivity to the Internet for your Linux host is covered in Linux ISP Hookup HOWTO, Linux PPP HOWTO, and TrinityOS. Other helpful HOWTOs could include: Linux DHCP mini-HOWTO, Linux Cable Modem mini-HOWTO and Linux DSL HOWTO

• Ipfwadm 2.3.0 or newer is available from http://www.xos.nl/linux/ipfwadm/download.html

• More information on version requirements are on the Linux IPFWADM page

• If you are interested in running IPCHAINS on a 2.0.x+ kernel, see Willy Tarreau's IPCHAINS enabler for 2.0.36+ or Rusty's IPCHAINS for 2.0.x kernels. Please note that these patches are NOT compatible with the IPPORTFW patches for the 2.0.x kernels. Unfortunately, its an either/or deal.

• Know how to configure, compile, and install a new Linux kernel as described in the Linux Kernel HOWTO. This HOWTO does cover kernel compiling but only for IP Masquerade related options.

Here is a list of IP Masquerading patches for 2.0.x kernels:

• Steven Clarke's IP PortForwarding (IPPORTFW) - RECOMMENDED

• IP AutoForward - NOT Recommended

• REDIR for TCP (REDIR) - NOT Recommended unless required for internal PORTFW

• UDP redirector (UDPRED) - NOT Recommended

• PORTFWed FTP:

  • If you are going to port forward FTP traffic to an internal FTP server, you might need to download Fred Viles's FTP server patch The reason for "might" is that some users have had success without the use of these pathches, while others need it. Explicit details on this topic can be found in Section 6.7 of this HOWTO.

• X-Windows display forwarders:

  • X-windows forwarding (DXCP)

• PPTP (GRE) and SWAN (IPSEC) VPNs tunneling forwarders:

  • If you plan connecting an internal MASQed PC to a remote PPTP server, you MUST INSTALL the PPTP-Masquerade kernel patch available from the URLsbelow. If you plan on having external PPTP users connect to an internal masqueraded PPTP server, not only do you need the kernel patch installed but you also need PORTFW support enabled in the kernel. Please see the following URLs for the patches and more information:

    John Hardin's VPN Masquerade forwarders or the old patch for just PPTP Support.

• Game specific patches:

  • Glenn Lamb's LooseUDP for 2.0.36+ patch.