IP Masquerade - Ubuntu

This is a discussion on IP Masquerade - Ubuntu ; Hi all I am working in a mixed environment network, both Linux and Xp workstations. all workstations browse through a proxy running on Ubuntu 7.10 server, which also runs Dansguardian. Is it possible to set this server to Masquerade clients ...

+ Reply to Thread
Results 1 to 10 of 10

Thread: IP Masquerade

  1. IP Masquerade

    Hi all

    I am working in a mixed environment network, both Linux and Xp
    workstations.
    all workstations browse through a proxy running on Ubuntu 7.10 server,
    which also runs Dansguardian.
    Is it possible to set this server to Masquerade clients ip, or should i
    set the clients to do it?
    I am looking at a few HOW TO on the net, however it seems like they refer
    to the client itself only.

    TIA

    --
    Holz

  2. Re: IP Masquerade

    Holz wrote:
    > I am working in a mixed environment network, both Linux and Xp
    > workstations.
    > all workstations browse through a proxy running on Ubuntu 7.10 server,
    > which also runs Dansguardian.
    > Is it possible to set this server to Masquerade clients ip, or should i
    > set the clients to do it?


    What are you actually trying to achieve?

    Chris

  3. Re: IP Masquerade

    Holz wrote:
    > Hi all
    >
    > I am working in a mixed environment network, both Linux and Xp
    > workstations.
    > all workstations browse through a proxy running on Ubuntu 7.10 server,
    > which also runs Dansguardian.
    > Is it possible to set this server to Masquerade clients ip, or should i
    > set the clients to do it?
    > I am looking at a few HOW TO on the net, however it seems like they refer
    > to the client itself only.
    >
    > TIA



    First learn what the term masquerade actually means.

    http://en.wikipedia.org/wiki/IP_Masquerade

    Simply add a NAT router.


    --
    John

    No Microsoft, Apple, AT&T, Intel, Novell, Trend Micro, nor Ford products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  4. Re: IP Masquerade

    Chris Davies wrote:
    > Holz wrote:
    >> I am working in a mixed environment network, both Linux and Xp
    >> workstations.
    >> all workstations browse through a proxy running on Ubuntu 7.10 server,
    >> which also runs Dansguardian.
    >> Is it possible to set this server to Masquerade clients ip, or should i
    >> set the clients to do it?

    >
    > What are you actually trying to achieve?
    >
    > Chris


    I am trying to Masquerade the ip of any workstation that will browse the
    internet.

    --
    --
    Holz

  5. Re: IP Masquerade

    John F. Morse wrote:
    > Holz wrote:
    >> Hi all
    >>
    >> I am working in a mixed environment network, both Linux and Xp
    >> workstations.
    >> all workstations browse through a proxy running on Ubuntu 7.10 server,
    >> which also runs Dansguardian.
    >> Is it possible to set this server to Masquerade clients ip, or should
    >> i set the clients to do it?
    >> I am looking at a few HOW TO on the net, however it seems like they
    >> refer to the client itself only.
    >>
    >> TIA

    >
    >
    > First learn what the term masquerade actually means.
    >
    > http://en.wikipedia.org/wiki/IP_Masquerade
    >
    > Simply add a NAT router.
    >
    >


    Thank you for the link, I understand the subject better now.

    --
    --
    Holz

  6. Re: IP Masquerade

    Holz wrote:
    > John F. Morse wrote:
    >> Holz wrote:
    >>> Hi all
    >>>
    >>> I am working in a mixed environment network, both Linux and Xp
    >>> workstations.
    >>> all workstations browse through a proxy running on Ubuntu 7.10
    >>> server, which also runs Dansguardian.
    >>> Is it possible to set this server to Masquerade clients ip, or
    >>> should i set the clients to do it?
    >>> I am looking at a few HOW TO on the net, however it seems like they
    >>> refer to the client itself only.
    >>>
    >>> TIA

    >>
    >>
    >> First learn what the term masquerade actually means.
    >>
    >> http://en.wikipedia.org/wiki/IP_Masquerade
    >>
    >> Simply add a NAT router.
    >>
    >>

    >
    > Thank you for the link, I understand the subject better now.



    You are welcome.

    The easiest solution is to use one of the relatively cheap NAT routers,
    like the Linksys BEFSR41 for instance.

    You could do a little better if you use a stand-alone (dedicated) Linux
    router and firewall computer, but it will not only require
    configuration, but substantially more electrical power to run. Plus it
    will generate more heat, which will add to the air conditioning load in
    the summer.

    My use of the term "better" here concerns a possible speed increase over
    the off-the-shelf routers, and much better configuration and option
    choices -- if really needed.


    --
    John

    No Microsoft, Apple, AT&T, Intel, Novell, Trend Micro, nor Ford products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  7. Re: IP Masquerade

    John F. Morse wrote:
    > Holz wrote:
    >> John F. Morse wrote:
    >>> Holz wrote:
    >>>> Hi all
    >>>>
    >>>> I am working in a mixed environment network, both Linux and Xp
    >>>> workstations.
    >>>> all workstations browse through a proxy running on Ubuntu 7.10
    >>>> server, which also runs Dansguardian.
    >>>> Is it possible to set this server to Masquerade clients ip, or
    >>>> should i set the clients to do it?
    >>>> I am looking at a few HOW TO on the net, however it seems like they
    >>>> refer to the client itself only.
    >>>>
    >>>> TIA
    >>>
    >>>
    >>> First learn what the term masquerade actually means.
    >>>
    >>> http://en.wikipedia.org/wiki/IP_Masquerade
    >>>
    >>> Simply add a NAT router.
    >>>
    >>>

    >>
    >> Thank you for the link, I understand the subject better now.

    >
    >
    > You are welcome.
    >
    > The easiest solution is to use one of the relatively cheap NAT
    > routers, like the Linksys BEFSR41 for instance.
    >
    > You could do a little better if you use a stand-alone (dedicated)
    > Linux router and firewall computer, but it will not only require
    > configuration, but substantially more electrical power to run. Plus it
    > will generate more heat, which will add to the air conditioning load
    > in the summer.
    >
    > My use of the term "better" here concerns a possible speed increase
    > over the off-the-shelf routers, and much better configuration and
    > option choices -- if really needed.
    >
    >

    Why tell him to get the BEFSR41 when there is the WRT54GL (L as in
    Linux) which was made just for us Linux types?
    It has much more memory and a faster CPU (250MHz vs only 100) and there
    is a Linux program already written as a kind of guide to work from. Mine
    is a firewall, deflects more than one ping every few seconds, and could
    care less about DOS attacks (their words). It also has excellent
    wireless b/g security.
    Bill Baka

  8. Re: IP Masquerade

    > Why tell him to get the BEFSR41 when there is the WRT54GL (L as in
    > Linux) which was made just for us Linux types?
    > It has much more memory and a faster CPU (250MHz vs only 100) and there
    > is a Linux program already written as a kind of guide to work from. Mine
    > is a firewall, deflects more than one ping every few seconds, and could
    > care less about DOS attacks (their words). It also has excellent
    > wireless b/g security.
    > Bill Baka


    Thanks for all the advice, I have the budget for some Cisco perimeter
    devices, so I will go with it.
    --
    --
    Holz

  9. Re: IP Masquerade

    Bill Baka wrote:
    > Why tell him to get the BEFSR41 when there is the WRT54GL (L as in
    > Linux) which was made just for us Linux types?
    > It has much more memory and a faster CPU (250MHz vs only 100) and there
    > is a Linux program already written as a kind of guide to work from. Mine
    > is a firewall, deflects more than one ping every few seconds, and could
    > care less about DOS attacks (their words). It also has excellent
    > wireless b/g security.
    > Bill Baka
    >



    Because the WRT54GL also has that "W" in it.

    That router may (or may not) have excellent security, but consider the
    other clients. Some were stated to be Windows PCs.

    There goes your "excellent security" out the "window" (or probably any
    security). ;-)

    I'm still, and will forever be, a believer that if you "broadcast"
    something, somebody will eventually crack it, regardless of the security.

    Keep your business inside coax or tightly twisted-pair, and it's not
    nearly as vulnerable. It can still be sniffed, but they will be on the
    property and the range of deadly force (the Castle Doctrine).

    I can't shoot 'em if they are parked out front on the street doing WiFi
    sniffing, nor if they are a close neighbor. ;-)


    --
    John

    No Microsoft, Apple, AT&T, Intel, Novell, Trend Micro, nor Ford products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  10. Re: IP Masquerade

    John F. Morse wrote:
    > Bill Baka wrote:
    >> Why tell him to get the BEFSR41 when there is the WRT54GL (L as in
    >> Linux) which was made just for us Linux types?
    >> It has much more memory and a faster CPU (250MHz vs only 100) and there
    >> is a Linux program already written as a kind of guide to work from. Mine
    >> is a firewall, deflects more than one ping every few seconds, and could
    >> care less about DOS attacks (their words). It also has excellent
    >> wireless b/g security.
    >> Bill Baka
    >>

    >
    >
    > Because the WRT54GL also has that "W" in it.
    >
    > That router may (or may not) have excellent security, but consider the
    > other clients. Some were stated to be Windows PCs.
    >
    > There goes your "excellent security" out the "window" (or probably any
    > security). ;-)

    Maybe. I have the wireless 802.11/B/G set for her laptop's MAC only, G
    only, use channel 11, maximum strength WPA,
    and I am looking for a way to lower the transmit power since it only
    goes about 20 feet to her computer.
    This is a home network so there are no other clients, and I have a 3COM
    3CR990 10/100 Ethernet card that has it's own security. I believe I am
    pretty secure with this setup and in the area I live I doubt that
    someone could pull off a war driving attack on me.
    >
    > I'm still, and will forever be, a believer that if you "broadcast"
    > something, somebody will eventually crack it, regardless of the security.

    Hence the attempt to lower the power, since my daughter gets maximum
    signal in her room, and I could probably cut her down to merely 'good'
    on the signal strength.
    >
    >
    > Keep your business inside coax or tightly twisted-pair, and it's not
    > nearly as vulnerable. It can still be sniffed, but they will be on the
    > property and the range of deadly force (the Castle Doctrine).
    >
    > I can't shoot 'em if they are parked out front on the street doing
    > WiFi sniffing, nor if they are a close neighbor. ;-)
    >
    > True, but I can get sneaky and toss rocks from the back yard over the
    > house and hope to hit the snooper's windshield. Then said snoop would
    > be looking around for the kid who tossed the rock.

    Bill (devious) Baka

+ Reply to Thread