Firewalls can be divided into several different security levels. In Linux, because there are many different firewall software options, the security can be low and high, and the most complex software can provide almost no penetration protection capabilities. However, the Linux core itself has a simple mechanism called "Disguise". Apart from the most specialized hacker attacks, it can withstand the vast majority of attacks.
When we dial up the Internet, our computer will be assigned an IP address, so that other people on the Internet can return the information to our computer. Hackers use your IP address to access information on your computer. The "IP disguise" method used in Linux is to hide your IP address and prevent others from seeing it on the network. There are several groups of IP addresses that are specially reserved for use by the local network. The Internet backbone router cannot be identified. For example, the IP address of the author's computer is 192.168.1.127. If you enter this address in your browser, you cannot receive anything because the Internet backbone does not recognize the IP address 192.168.X.X. There are countless computers on other intranets, and the same IP address is used. Because you cannot access it at all, you cannot intrude into or crack it.
To solve the security problem on the Internet, it seems to be a simple task. You just need to select an IP address that someone else cannot access for your computer. Error! Because when you browse the Internet, the server also needs to send the data back to you, otherwise you will not see anything on the screen, the server can only return data to a valid IP Address registered on the Internet backbone.
"IP camouflage" is a technology used to solve this dilemma. When you have a Linux-installed computer that is set to use "IP camouflage", it will bridge the internal and external networks, and automatically interpret the IP addresses from the inside out or from the outside to the inside. This action is usually called network address translation.
In fact, "IP camouflage" is more complex than the above. Basically, the "IP disguised" server is built between two networks. If you use a simulated dial-up modem to access data on the Internet, this is one of the networks. Your Intranet usually corresponds to an Ethernet card, which is the second network. If you are using a DSL or Cable Modem, the system will have a second ethernet card instead of the analog Modem. Linux can manage each IP address of these networks. Therefore, if you have a computer with the IP address 192.168.1.25 installed on Windows, which is located on Ethernet eth1 on the second network, to access the cable modem 207.176.253.15 on InternetEthernet eth0), Linux's "IP disguise" intercepts all TCP/IP packets sent from your browser, extract the original local address 192.168.1.25) and replace it with the actual address 207.176.253.15. Then, when the server returns the data to 207.176.253.15, Linux will automatically intercept the return packet and fill in the correct local address 192.168.1.25 ).
Linux can manage several local computers, such as 192.168.1.25 and 192.168.1.34 in Linux's "IP disguise", and process each packet without confusion. The author has an old 486 computer installed with SlackWare Linux that can simultaneously process packets sent from four computers to a cable modem without reducing the speed.
Before the core of version 2, "IP disguise" was managed by IPFWADM, IP fw adm, the IP sending management module. Although the core of the second edition provides faster and more complex IPCHAINS, it still provides IPFWADM wrapper to maintain downward compatibility. Therefore, the author will take IPFWADM as an example in this article, to describe how to set "IP camouflage ).
In addition, some applications such as the non-standard packages used by RealAudio and CU-SeeME require special modules. You can also obtain relevant information from the above websites.