[Coldstuff] IP Masq / forwarding

Brandon Gillespie coldstuff@cold.org
Wed, 20 Feb 2002 12:55:06 -0700

On Wed, Feb 20, 2002 at 11:19:31AM -0800, Jonathan Robertson wrote:
> I am going to be toying around with the idea of using
> ip masq and forwarding to hide my server behind
> another firewall.  Has anyone else already done this?
> Comments or suggestions from anyone?

Please correct me if I'm wrong, but isn't linux's IP masquerading just
PAT/NAT?  If so, its not really appropriate for a server (inbound) and
was originally designed to hide a network behind a single IP address
(outbound).  While you can manage inbound on a port by port basis to a
server... why would you in this situation?  It would work, but you
dont get much value and you do get more complexity...