IP Masquerading with Linux
IP masquerading (aka Network Address Translation) allows you to share a single internet
connection with multiple computers. This example is specific to my experiences with Slackware
which is a BSD style system. That means its startup scripts are in the directory /etc/rc.d . System
V systems, such as Red Hat, will vary from this. The underlying modules and kernel code are the
same, but the process starting them is different.
You will complete these steps as root. Start by installing Linux, which of course you have to do
as root. You probably have this done, but this is where you would start otherwise.
The last step, you will configure your system with an IP address, and hostname. Any hostname
will do. In fact any domain name will do too. If you already have your Slackware installed, run
When setup asks you if you are only using loopback answer NO. Enter a non routable IP address.
Enter your netmask. Enter your DNS. Leave the gateway portion blank.
Edit /etc/rc.d/rc.modules file so it will provide support for your NIC card. I am using a Kingston
NIC card so I uncomment the line that says /sbin/tulip . Delete the # sign so it activates the
module when the system starts.
to configure your modem. Enter your init string if necessary. Enter your DNS IP number
Restart your machine. You could actually issue the /etc/rc.d/rc.inet1 command to activate the
changes. I often reboot to make sure everything is reinitialized. You know you have become a
master Sys Admin when you can reconfigure all your system without rebooting except for
changing out the kernel. Something I am far from attaining.
Let s say you are masking this connection to a windows 95 machine. Go to it. In the properties
section under TCP/IP for the NIC card change it s address to a local IP. Enter the same DNS
information, same as your Linux machine. Your gateway will be the machine connected to the
Restart your windows 95 machine. Test the connection between machines by pinging the other.
From the windows 95 machine you would issue the command
# ping 192.168.1.100
and you should see it pinging the gateway machine. Return to the linux machine and edit the
/etc/rc.d/rc.modules file to it activates IP masquerading.
ipfwadm -F -p deny
ipfwadm -F -a m -b -S 192.168.1.0/24 -D 0.0.0.0/0
along with support for special stuff like quake, ftp, and IRC. This is right below this.
Restart your linux box. Start your ppp connection
ping a site on the net. You should be ready to go. The ipfwadm can also be configured to allow
access to certain machines and is actually a firewall protection for your machines on your private