Sophie

Sophie

distrib > Mandriva > 2010.1 > x86_64 > by-pkgid > 965e33040dd61030a94f0eb89877aee8 > files > 2289

howto-html-en-20080722-2mdv2010.1.noarch.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
><HEAD
><TITLE
>Requirements for IP Masquerade on Linux 2.2.x </TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Linux IP Masquerade HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Background Knowledge"
HREF="ipmasq-background2.0.html"><LINK
REL="PREVIOUS"
TITLE="Requirements for IP Masquerade on Linux 2.4.x"
HREF="kernel-2.4.x-requirements.html"><LINK
REL="NEXT"
TITLE="Requirements for IP Masquerade on Linux 2.0.x"
HREF="kernel-2.0.x-requirements.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Linux IP Masquerade HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="kernel-2.4.x-requirements.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 2. Background Knowledge</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="kernel-2.0.x-requirements.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="KERNEL-2.2.X-REQUIREMENTS"
></A
>2.7. Requirements for IP Masquerade on Linux 2.2.x</H1
><P
><SPAN
CLASS="QUOTE"
>" <EM
>** Please refer to <A
HREF="http://ipmasq.webhop.net/"
TARGET="_top"
>IP 
Masquerade Resource</A
> for the latest information. **</EM
> "</SPAN
> </P
><P
>&#13;<P
></P
><UL
><LI
><P
>   Any decent computer hardware.  See <A
HREF="faq-hardware.html"
>Section 7.2</A
> for more 
   details.
  </P
></LI
><LI
><P
>    The 2.2.x kernel source is available from <A
HREF="http://www.kernel.org/"
TARGET="_top"
>    http://www.kernel.org/</A
>. 
   </P
><P
>    NOTE: Most modern Linux distributions, 
    <A
HREF="masq-supported-distributions.html"
>Section 7.1</A
>, that 
    natively come with 2.2.x kernels are typically modular kernels and have 
    all the IP Masquerade functionality already included.  In such cases, 
    there is no need to compile a new Linux kernel.  If you are UPGRADING your 
    kernel, you should be aware of other programs that might be required and/or 
    need to be upgraded as well (mentioned later in this HOWTO).
   </P
><P
></P
><UL
><LI
><P
>    NOTE #1:    --- UPDATE YOUR KERNEL ---

    Linux 2.2.x kernels less than version 2.2.20 contain several different 
    security vulnerabilities (some were MASQ specific).  Kernels less than 
    2.2.20 have a few local vulnerabilities.  Kernel versions less 
    than 2.2.16 have a TCP root exploit vulnerability and versions less than 
    2.2.11 have a IPCHAINS fragmentation bug.  Because of these issues, users 
    running a firewall with strong IPCHAINS rulesets are open to possible 
    instrusion.  Please upgrade your kernel to a fixed version.
    </P
></LI
></UL
></LI
><LI
><P
>  NOTE #2: Some newer <A
HREF="masq-supported-distributions.html"
>Section 7.1</A
> such as 
           Redhat 5.2 might not be Linux 2.2.x ready (upgradable).  Tools 
           like DHCP, NetUtils, etc. will need to be upgraded.  More details 
           can be found later in the HOWTO.</P
></LI
><LI
><P
>   Loadable kernel modules, preferably 2.1.121 or higher, are available from 
   <A
HREF="http://home.pi.se/blox/modutils/index.html"
TARGET="_top"
>   http://home.pi.se/blox/modutils/index.html</A
> or 
   <A
HREF="ftp://ftp.kernel.org/pub/linux/utils/kernel/modutils    "
TARGET="_top"
>ftp://ftp.kernel.org/pub/linux/utils/kernel/modutils</A
>
  </P
></LI
><LI
><P
>A properly configured and running TCP/IP network running on the Linux
machine as covered in 
<A
HREF="http://www.tldp.org/HOWTO/Net-HOWTO/index.html"
TARGET="_top"
>Linux NET HOWTO</A
> and the 
<A
HREF="http://www.tldp.org/LDP/nag2/index.html"
TARGET="_top"
>Network Administrator's Guide</A
> .  Also check out the 
<A
HREF="http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#TrinityOS"
TARGET="_top"
>TrinityOS</A
> document which is also authored by David Ranch.  TrinityOS is 
a very comprehensive guide for Linux networking.  Some topics include IP MASQ, 
security, DNS, DHCP, Sendmail, PPP, Diald, NFS, IPSEC-based VPNs, and 
performance sections, to name a few.  There are over Fifty sections in all!</P
></LI
><LI
><P
>Connectivity to the Internet for your Linux host covered in 
<A
HREF="http://www.tldp.org/HOWTO/ISP-Hookup-HOWTO.html"
TARGET="_top"
>Linux ISP 
Hookup HOWTO</A
>, <A
HREF="http://www.tldp.org/HOWTO/PPP-HOWTO/index.html"
TARGET="_top"
>Linux PPP HOWTO</A
>, and 
<A
HREF="http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#TrinityOS"
TARGET="_top"
>TrinityOS</A
>.  Other helpful HOWTOs could include:  
<A
HREF="http://www.tldp.org/HOWTO/mini/DHCP/index.html"
TARGET="_top"
>Linux DHCP 
mini-HOWTO</A
>, 
<A
HREF="http://www.tldp.org/HOWTO/Cable-Modem/index.html"
TARGET="_top"
>Linux Cable Modem mini-HOWTO</A
> and 
<A
HREF="http://www.tldp.org/HOWTO/DSL-HOWTO/index.html"
TARGET="_top"
>http://www.tldp.org/HOWTO/DSL-HOWTO/index.html</A
></P
></LI
><LI
><P
>IP Chains 1.3.10 or newer are available from 
<A
HREF="http://www.netfilter.org/ipchains/"
TARGET="_top"
>http://www.netfilter.org/ipchains/</A
>.  
Additional information on 
version requirements for the newest IPCHAINS HOWTO, etc is located at the 
<A
HREF="http://www.netfilter.org/ipchains/"
TARGET="_top"
> Linux IP Chains 
page</A
> <A
HREF="http://www.netfilter.org/ipchains"
TARGET="_top"
> (mirror at
Samba.org)</A
></P
></LI
><LI
><P
>Know how to configure, compile, and install a new Linux kernel as described in 
the <A
HREF="http://www.tldp.org/HOWTO/Kernel-HOWTO/index.html"
TARGET="_top"
>Linux Kernel 
HOWTO</A
>.  This HOWTO does cover kernel compiling but only for IP
Masquerade related options.</P
></LI
></UL
></P
><P
> <STRONG
> Other optional patches and tools for 2.2.x kernels</STRONG
>

 <P
></P
><UL
><LI
><P
>   TCP/IP port-forwarding or re-directing:
   <P
></P
><UL
><LI
><P
>      <A
HREF="http://ipmasq.webhop.net/juanjox/"
TARGET="_top"
>IP PortForwarding (IPMASQADM) 
- RECOMMENDED - mirror</A
> 
     </P
></LI
></UL
>

   </P
></LI
><LI
><P
>    PORTFW FTP Solutions:
    <P
></P
><UL
><LI
><P
>      There are 2.2.x and 2.0.x kernel MASQ Module solutions for PORTFWed FTP 
      to a MASQed machine (put an FTP server behind a MASQ server).  Please 
      see the Application Page on the <A
HREF="http://ipmasq.webhop.net"
TARGET="_top"
>      IPMASQ WWW site </A
> for full details.  Please note that this is not 
      required for 2.4.x kernels.
      </P
><P
>      There is a full FTP proxy application from SuSe that will also allow 
      PORTFWed-like functionality to reach an internal FTP server.  For more 
      details, please refer to the 
      <A
HREF="http://www.suse.de/en/whitepapers/proxy_suite/"
TARGET="_top"
>SuSe Proxy 
      URL</A
>.
      </P
></LI
></UL
>
   </P
></LI
><LI
><P
>   IPROUTE2 for True 1:1 NAT, Policy-based (source) routing, and Traffic 
   Shaping:

   <P
></P
><UL
><LI
><P
>      <A
HREF="ftp://ftp.inr.ac.ru/ip-routing/"
TARGET="_top"
>ftp://ftp.inr.ac.ru/ip-routing
      </A
>
     </P
></LI
><LI
><P
>     Documentation can be found at 
     <A
HREF="http://www.compendium.com.ar/policy-routing.txt"
TARGET="_top"
>     http://www.compendium.com.ar/policy-routing.txt</A
> 
     </P
></LI
><LI
><P
>     The <A
HREF="http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/index.html"
TARGET="_top"
>     Advanced Routing HOWTO</A
>
     </P
></LI
><LI
><P
>     Some source code mirrors are at:
     </P
><P
>     <A
HREF="ftp://ftp.funet.fi/pub/mirrors/ftp.inr.ac.ru/ip-routing/"
TARGET="_top"
>     ftp://ftp.funet.fi/pub/mirrors/ftp.inr.ac.ru/ip-routing/ (STM1 to USA)</A
>
     --- 
     <A
HREF="ftp://sunsite.icm.edu.pl/pub/Linux/iproute/"
TARGET="_top"
>     ftp://sunsite.icm.edu.pl/pub/Linux/iproute/</A
>
     </P
><P
>     <A
HREF="ftp://ftp.sunet.se/pub/Linux/ip-routing/"
TARGET="_top"
>     ftp://ftp.sunet.se/pub/Linux/ip-routing/</A
> --- 
     <A
HREF="ftp://ftp.nvg.ntnu.no/pub/linux/ip-routing/"
TARGET="_top"
>     ftp://ftp.nvg.ntnu.no/pub/linux/ip-routing/</A
>
     </P
><P
>     <A
HREF="ftp://ftp.crc.ca/pub/systems/linux/ip-routing/"
TARGET="_top"
>     ftp://ftp.crc.ca/pub/systems/linux/ip-routing/</A
> --- 
     <A
HREF="ftp://ftp.paname.org"
TARGET="_top"
>ftp://ftp.paname.org (France)</A
>
     </P
></LI
></UL
>
  </P
></LI
></UL
></P
><P
>Please see the <A
HREF="http://ipmasq.webhop.net/"
TARGET="_top"
>IP Masquerade Resource</A
> page for more information available on these patches and possibly 
others as well.</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="kernel-2.4.x-requirements.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="kernel-2.0.x-requirements.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Requirements for IP Masquerade on Linux 2.4.x</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ipmasq-background2.0.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Requirements for IP Masquerade on Linux 2.0.x</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional