Re: 1:1 NAT on Linux 2.2 or 2.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Andi,

On Mon, 20 Aug 2001, Andi Kleen wrote:

> On Sun, Aug 19, 2001 at 11:29:35PM -0700, Erik Lotspeich wrote:
> > What I have found indicates that ipchains in Linux 2.2 is not capable of
> > 1:1 NAT, but Linux 2.4 is.  Is this true?  I'd prefer to stick with Linx
> > 2.2 because I need H323 over IP Masquerading and I haven't found such an
> > add-on module for Linux 2.4.
>
> Linux 2.2+ supports simple stateless 1:1 NAT with no protocol translation
> (with an ip rule ... nat rule; see the iproute2 documentation). This
> is simple and efficient, but most people need protocol translation e.g.
> to let FTP still work.
>
> It also supports 1:n NAT in form of masquerading with protocol
> translation. HOWTOs exist.
>
> Linux 2.4+ supports all the same; plus in addition a new NAT module
> from netfilter which supports protocol translation and more or less
> full M:N NAT. HOWTOs exist.

Where?  I have not been able to find any comprehensive documentation
anywhere.  Everything I've found is broken links, outdated, or not
helpful.  I'd be perfectly happy with static NAT on Linux 2.2.  I've
printed out hundreds and hundreds pages of HOWTOs, documentation, and
more, but have found nothing useful.

>
>
> >
> > Is there some clear documentation that associates all of the Linux network
> > utilities with kernel version?  So far I've come across ipfwadm,
> > ipmasqadm, iptables, ipchains, and ip.  From what I gather, iptables works
> > with Linux 2.4 and ipchains works with Linux 2.2.  I know that ipfwadm
> > works with the Linux 2.0 kernel, but what about the others?  I've
> > successfully used ipfwadm with Linux 2.2...
>
> 2.0: ipfwadm only
> 2.2: ipchains only
> 2.4: ipfwadm, ipchains, iptables

Where does ipnatadm fit in?

I have seen a couple of questions by others on this list regarding NAT
that have gone unanswered.  Is there a person, website, or documentation
source that gives a comprehensive answer to these questions?

Thanks in advance for your help,

Erik.


-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux