Ipmasq User's Manual - Design Issues


[ previous ] [ Copyright Notice ] [ Contents ] [ next ]

Ipmasq User's Manual - Chapter 2
Design Issues


This section describes rationales for some of the design issues that went into ipmasq.


2.1 File Naming Scheme

The rules files ipmasq utilizes are named according to a common scheme consisting of a capital letter, a two digit number, and a short description of what the rule is doing. As the names of the rules files are run through sort, the letter and two digit number determine the order in which rules will be run.

The capital letter denotes what kind of action the rule takes, according to the following list:

More information about the rules files can be found in the comments of the rules files themselves.


2.2 Rules Files

The rules files supplied with ipmasq have been broken down to a fine granularity. This granularity is designed to allow individual portions to be overridden easily. For instance, if all input rules were shipped in one rules file, in order to override the input rule for external interfaces, the remaining rules in the file would have to be duplicated.

New rules files should contain commands suitable for setting up the operation of one service. This is to both keep a reasonable level of granularity, and to allow those rules files to be self-contained entities.


2.3 Assumptions

ipmasq makes a few assumptions about the networks it is masquerading between (these hold for the majority of cases):

Should any of these assumptions prove false for your specific network, please see Dealing with Oddball Networks, Chapter 3.


[ previous ] [ Copyright Notice ] [ Contents ] [ next ]
Ipmasq User's Manual
Brian Bassett [email protected]