Chapter 7. Frequently Asked
Table of Contents
7.1. ( Distro )
- What Linux Distributions support IP Masquerading?
7.2. ( Requirements ) - What
are the minimum hardware requirements and any limitations
for IP Masquerade? How well does it perform?
7.3. ( Errors ) - When
I run my specific rc.firewall-* ruleset, I get "command not
found" errors. Why?
7.4. ( Still wont work ) -
I've checked all my configurations, I still can't get IP
Masquerade to work. What should I do?
7.5. ( Email list ) - How do I
join or view the IP Masquerade and/or IP Masqurade
Developers mailing lists and archives?
7.6. ( NAT vs. Proxy ) - How
does IP Masquerade differ from Proxy or NAT services?
7.7. ( GUI ) - Are there any GUI
firewall creation/management tools?
7.8. ( MASQ and Dynamic
IPs ) - Does IP Masquerade work with dynamically assigned
7.9. ( MASQ and various
networks ) - Can I use a cable modem (both bi-directional
and with modem returns), DSL, satellite link, etc. to
connect to the Internet and use IP Masquerade?
7.10. ( Dial on Demand ) - Can
I use Diald or the Dial-on-Demand feature of PPPd with IP
7.11. ( Apps ) - What
applications are supported with IP Masquerade?
7.12. ( Distro Setup ) - How
can I get IP Masquerade running on Redhat, Debian,
7.13. ( Timeouts ) -
Connections seem to break if I don't use them often. Why is
7.14. ( Odd Behavior ) - When
my Internet connection first comes up, nothing works. If I
try again, everything then works fine. Why is this?
7.15. ( MTU ) - IP MASQ seems to
be working fine but some sites don't work. This usually
happens with WWW and some FTP sites.
7.15.1. Enabling PMTU
Clamping for PPPoE and some PPP Users:
7.15.2. Clamping the
MSS via IPTABLES:
7.15.3. Changing the
External MTU of the MASQ server:
7.15.4. Changing the
MTU of various operating systems:
126.96.36.199. Changing the MTU on
188.8.131.52. Changing the MTU on MS
184.108.40.206. Changing the MTU on MS
Windows NT 4.x
220.127.116.11. Changing the MTU on MS
18.104.22.168. Changing the MTU on MS
7.16. ( FTP ) - MASQed FTP
clients don't work.
7.17. ( Performance ) - IP
Masquerading seems slow
7.18. ( PORTFW ) - IP
Masquerading with PORTFWing seems to break when my line is
idle for long periods
7.19. ( PORTFW - Locally ) - I
can't reach my PORTFWed server from the INTERNAL lan
7.20. ( Logs ) - Now that I have
IP Masquerading up, I'm getting all sorts of weird notices
and errors in the SYSLOG log files. How do I read the
IPTABLES/IPCHAINS/IPFWADM firewall errors?
7.21. ( Log Reduction ) -
My logs are filling up with packet hits due to the new
"stronger" rulesets. How can I fix this?
7.22. ( MASQ Security ) -
Can I configure IP MASQ to allow Internet users to directly
contact internal MASQed servers?
7.23. ( Free Ports ) - I'm
getting "kernel: ip_masq_new(proto=UDP): no free ports." in
my SYSLOG files. Whats up?
7.24. ( SETSOCKOPT ) - I'm
getting "ipfwadm: setsockopt failed: Protocol not
available" when I try to use IPPORTFW!
7.25. ( SAMBA ) - Microsoft File and
Print Sharing and Microsoft Domain clients don't work
through IP Masq!
7.26. ( IDENT ) - IRC won't work
properly for MASQed IRC users. Why?
7.27. ( IRC DCC ) - mIRC doesn't
work with DCC Sends
7.28. ( IP Aliasing ) - Can IP
Masquerade work with only ONE Ethernet network card?
7.29. ( Multiple-LANs ) - I
have two MASQed LANs but they cannot communicate with each
7.30. ( SHAPING ) - I want to be
able to limit the speed of specific types of traffic
7.31. ( ACCOUNTING ) - I need to
do accounting on who is using the network
7.32. ( MULTIPLE IPs - DMZ
segments) - I have several EXTERNAL IP addresses that I
want to PORTFW to several internal machines. How do I do
7.33. ( 1:1 NAT ) - I'd like
to do 1:1 NAT but I can't figure out how to do it
7.34. ( Netstat ) - I'm trying to
use the NETSTAT command to show my Masqueraded connections
but its not working
7.35. ( VPNs ) - I would like to get
Microsoft PPTP (GRE tunnels) and/or IPSEC (Linux SWAN)
tunnels running through IP MASQ
7.36. ( Games ) - I want to get the
XYZ network game to work through IP MASQ but it won't work.
7.37. ( Stops working ) -
IP MASQ works fine for a while but then it stops working. A
reboot seems to fix this. Why?
7.38. ( SMTP Relay ) - Internal MASQed
computers cannot send SMTP or POP-3 mail!
7.39. ( Source Routing ) - I need
different internal MASQed networks to exit on different
external IP addresses
7.40. ( IPCHAINS rulesets
on 2.4.x kernels ) - What the ipchains.o module can do on
IPTABLES vs. IPCHAINS vs. IPFWADM ) - Why do the 2.4.x,
2.2.x, and 2.0.x kernels use different firewall
7.42. ( Upgrades ) - I've just
upgraded to the x.y.z kernel, why isn't IP Masquerade
7.43. ( EQL ) - I need help with EQL
connections and IP Masq
7.44. ( Wussing out ) - I can't
get IP Masquerade to work! What options do I have for
7.45. ( Developers ) - I want to
help with IP Masquerade development. What can I do?
7.46. ( More INFO ) - Where can I
find more information on IP Masquerade?
7.47. ( Translators ) - I want
to translate this HOWTO to another language, what should I
7.48. ( Updates ) - This HOWTO seems
out of date, are you still maintaining it? Can you include
more information on ...? Are there any plans for making
7.49. ( Thanks ) - I got IP
Masquerade working, it's great! I want to thank you guys,
what can I do?
If you can think of any useful FAQ suggestions, please send it
to email@example.com. Please clearly state the
question and an appropriate answer (if you have it). Thank you!