Ipmasq User's Manual - Integrating with Other Systems

[ previous ] [ Copyright Notice ] [ Contents ] [ next ]

Ipmasq User's Manual - Chapter 4
Integrating with Other Systems

Integrating ipmasq with whatever system you use to connect networks is a simple matter of running /usr/sbin/ipmasq when ever the routing changes or an interface goes up or down.

4.1 Boot-time Initialization

ipmasq installs a script in the /etc/init.d directory, and uses update-rc.d to install symlinks into /etc/rcS.d. ipmasq starts at 46, while ipmasq-kmod starts at 47. This is to make sure that /usr is mounted and available (NFS mounts are mounted at position 45 in the boot sequence).

4.2 PPP

The package ipmasq installs scripts into the ip-up and ip-down mechanism of pppd. These scripts check for the presence of a file (/etc/ipmasq/ppp) before running /usr/sbin/ipmasq. Remove this file to not have ipmasq run when pppd brings the link up or down. Please note that doing so is not recommended.

4.3 Diald

Diald is a system which allows a link to be brought up and down based on network traffic. Diald accomplishes this bit of routing prestidigitation by setting up a proxy SLIP interface to be the system's default route and monitoring traffic on that interface.

On Debian systems, diald (by default) starts in runlevel 2, while ipmasq starts during the boot process (technically, runlevel S). ipmasq runs first, and intializes a firewall that does not include the proxy route. diald then starts, and creates a new route without informing ipmasq that the underlying routing has changed. As a result of the firewall not including the proxy route, no packets will be sent along the proxy, and diald will not bring the link up.

To solve this problem, invokations of /usr/sbin/ipmasq must be added to two (or four, depending on your undelying connection) scripts. /usr/sbin/ipmasq must be added to your addroute and delroute scripts. This will cause ipmasq to re-evaluate the firewall when the proxy interface is established and removed. Also, if your system does not utilize PPP, it must be added to your ipup and ipdown scripts. (If your system uses PPP, the facilities in place for using pppd will handle it. For more information, see PPP, Section 4.2.)

Hopefully, future versions of the Debian diald package will use a setup where other packages can drop scripts in a directory to have them run when diald runs a script. ipmasq will support this scheme when implemented.


The pcmcia-cs package provides a mechanism for running programs after a PC Card network card interface is initialized and before it is taken down. Simply add a call to ipmasq in start_fn and stop_fn of /etc/pcmcia/network.opts, as shown in the example below:

     ------ Begin /etc/pcmcia/network.opts -------
     case "$ADDRESS" in
         start_fn () { /usr/sbin/ipmasq; return; }
         stop_fn () { /usr/sbin/dhcpcd-sv -k; /usr/sbin/ipmasq --rules /etc/ipmasq/ipmasq-down; return; }
     ------- End /etc/pcmcia/network.opts --------

Please note that this is needed only if you have a PC Card network card. A PC Card modem will typically use pppd. For more information about setting up pppd, please see PPP, Section 4.2.

[ previous ] [ Copyright Notice ] [ Contents ] [ next ]
Ipmasq User's Manual
Brian Bassett [email protected]