IP camouflage settings in Linux

In Linux, IP camouflage settings-Linux Enterprise Application-Linux server application information. The following is a detailed description. How to implement ip camouflage? Assume that you have a Linux host that is connected to the Internet through the ddnleased line, has its own ip address and domain name, and is also connected to 20 win95 workstations through the HUB, now, you can use ip spoofing to connect the 20 win95 workstations to the Internet at the same time.

Simple IP Masq is actually very simple. If you use the 2.0.x and 2.1.xx cores, and ensure that the core supports IP Forwarding and IP Masq, add one last sentence in/etc/ppp/if-up (Suppose your private network address is 192.168.x.x ): /sbin/ipfwadm-F-a m-S 192.168.0.0/16-D 0.0.0.0/0. If some people use 2.1.10x, ipfwadm cannot be used, instead of ipchains. Same method:/sbin/ipchains-A forward-j MASQ-s 192.168.0.0/16. Then, let the default gateways of all hosts on your LAN Point to the Linux machine used for Masq. You need to download the ipchains and find them on the Internet.

If the client is win95, set it in DHCP. Of course, the DNS of each client should point to the DNS of the ISP, or simply, open a DNS server with cache only and forward only on the Masq machine. If your DNS has been completed, it is very easy to use squid. The default configuration file/etc/squid. conf can work (you may need to change the http port number to 8080), and can implement the cache function. The usage is good and the method is extremely simple.

Step 1: Set up your PPP to ensure that you can access the Internet on the Linux box. Step 2: Run squid-z to create the cache directory. Step 3: If you need to modify/etc/squid. conf, the default value is quite good. You can change it or not. If you want to change it, change http_port from 3128 to 8080. In this way, all the preliminary work is ready. When you need to access the Internet in the future, connect to PPP and run squid, and you will have a pretty good proxy, and set the proxy on the client. If you upgrade pppd to 2.3.5, you can configure it as "On-Demand dialing". If you configure it with ISDN, it is no different from the leased line.

Default Gateway: 192.168.0.1 (Linux box) IP Masq :( Linux box) defaultrouter:. b. c. d/sbin/ipfwadm-F-a m-S 192.168.0.0/16-D 0.0.0.0/0 or/sbin/ipchains-A forward-j MASQ-s 192.168.0.0/16 squid: you do not need to set 192 here. 168... this is just an example. Replace it with your own address range. The default gateway of the server is a router! The default gateway of other machines must be a server (Linux box ).

Install two NICs on the Linux server, connect them to the Intranet one by one, and give a reserved address such as 192.168. The other is directly connected to the vro and use your official address, in this way, you only need two valid IP addresses. In this way, the security should be better. If the router is killed and the Linux leased line is used as the router, you only need a valid IP address.
If I only apply for a limited IP address, but many people access INTERNE, how can I use Linux?
Two methods:
1. proxy (squid or other proxies) 2. ipmasq + squid if you only need http or ftp, you can use 1.
Source: zhongke Hongqi