3 # rc.masq - IP Masquerade
5 # Load all required IP MASQ modules
7 # NOTE: Only load the IP MASQ modules you need. All current IP MASQ modules
8 # are shown below but are commented out from loading.
10 # Needed to initially load modules
14 # Supports the proper masquerading of FTP file transfers using the PORT method
16 #/sbin/modprobe ip_masq_ftp
18 # Supports the masquerading of RealAudio over UDP. Without this module,
19 # RealAudio WILL function but in TCP mode. This can cause a reduction
22 #/sbin/modprobe ip_masq_raudio
24 # Supports the masquerading of IRC DCC file transfers
26 #/sbin/modprobe ip_masq_irc
29 # Supports the masquerading of Quake and QuakeWorld by default. This modules is
30 # for for multiple users behind the Linux MASQ server. If you are going to play
31 # Quake I, II, and III, use the second example.
33 # NOTE: If you get ERRORs loading the QUAKE module, you are running an old
34 # ----- kernel that has bugs in it. Please upgrade to the newest kernel.
36 #Quake I / QuakeWorld (ports 26000 and 27000)
37 #/sbin/modprobe ip_masq_quake
39 #Quake I/II/III / QuakeWorld (ports 26000, 27000, 27910, 27960)
40 #/sbin/modprobe ip_masq_quake 26000,27000,27910,27960
43 # Supports the masquerading of the CuSeeme video conferencing software
45 #/sbin/modprobe ip_masq_cuseeme
47 #Supports the masquerading of the VDO-live video conferencing software
49 #/sbin/modprobe ip_masq_vdolive
52 #CRITICAL: Enable IP forwarding since it is disabled by default since
54 # Redhat Users: you may try changing the options in /etc/sysconfig/network from:
60 echo 1 > /proc/sys/net/ipv4/ip_forward
65 # If you get your IP address dynamically from SLIP, PPP, or DHCP, enable this following
66 # option. This enables dynamic-ip address hacking in IP MASQ, making the life
67 # with Diald and similar programs much easier.
69 #echo "1" > /proc/sys/net/ipv4/ip_dynaddr
72 IPTABLES=/sbin/iptables
75 # DHCP: For people who receive their external IP address from either DHCP or BOOTP
76 # such as ADSL or Cablemodem users, it is necessary to use the following
77 # before the deny command. The "bootp_client_net_if_name" should be replaced
78 # the name of the link that the DHCP/BOOTP server will put an address on to?
79 # This will be something like "eth0", "eth1", etc.
81 # This example is currently commented out.
84 #$IPCHAINS -A input -j ACCEPT -i bootp_clients_net_if_name -s 0/0 67 -d 0/0 68 -p udp
86 # Enable simple IP forwarding and Masquerading
88 # NOTE: The following is an example for an internal LAN address in the 192.168.0.x
89 # network with a 255.255.255.0 or a "24" bit subnet mask.
91 # Please change this network number and subnet mask to match your internal LAN setup