From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-70395-garchives=archives.gentoo.org@gentoo.org>)
	id 1IdwhY-0007Vx-9J
	for garchives@archives.gentoo.org; Fri, 05 Oct 2007 23:35:24 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.1/8.14.0) with SMTP id l95NOjHm012553;
	Fri, 5 Oct 2007 23:24:45 GMT
Received: from gabriel.sub.uni-goettingen.de (gabriel.sub.uni-goettingen.de [134.76.163.126])
	by robin.gentoo.org (8.14.1/8.14.0) with ESMTP id l95NKRhs007736
	for <gentoo-user@lists.gentoo.org>; Fri, 5 Oct 2007 23:20:27 GMT
Received: by gabriel.sub.uni-goettingen.de (Postfix, from userid 8)
	id 6C71D3246B4; Mon,  8 Oct 2007 18:25:27 +0200 (CEST)
Received: from localhost (dslb-082-083-037-120.pools.arcor-ip.net [82.83.37.120])
	by gabriel.sub.uni-goettingen.de (Postfix) with ESMTP id 954823246B3
	for <gentoo-user@lists.gentoo.org>; Mon,  8 Oct 2007 18:25:23 +0200 (CEST)
Date: Sat, 6 Oct 2007 01:20:23 +0200
From: Hans-Werner Hilse <hilse@web.de>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] loopback into gentoo iptables
Message-Id: <20071006012023.505a792a.hilse@web.de>
In-Reply-To: <20071005172338.5bd7b73b@pascal.spore.ath.cx>
References: <6b0bc7870710050842o1c7d350ve3cdf60e9fb0c1e8@mail.gmail.com>
	<20071005180056.9d2f2cef.hilse@web.de>
	<20071005172338.5bd7b73b@pascal.spore.ath.cx>
X-Mailer: Sylpheed 2.4.5 (GTK+ 2.12.0; i586-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on 
	gabriel.sub.uni-goettingen.de
X-Spam-Level: 
X-Spam-Status: No, hits=-1.4 required=5.0 tests=AWL,BAYES_00,
	RCVD_IN_SORBS_DUL autolearn=ham version=2.64
X-Archives-Salt: 6d5ae183-fa35-4cfa-b50d-269244872c84
X-Archives-Hash: 687b0a98f89e5156588cab65ad5d3097

Hi,

On Fri, 5 Oct 2007 17:23:38 -0500
Dan Farrell <dan@spore.ath.cx> wrote:

> > Setting up NAT works using a sysctl (or the procfs). Restricting the
> > NAT works using iptables.
> 
> I don't think that's quite right.  Correct me if i'm wrong (please) but
> this should read, 
> 
> 	"Setting up forwarding works using a sysctl... and configuring
> 	and restricting the NAT works using iptables"
> 
> Network Address Translation is taken care of by iptables itself, not
> just firewalled that way.  

Thanks, I missed that, of course you're right! NAT would be
masquerading, and that's in fact netfilter/iptables' job. I was
probably just thinking about routing/forwarding in general...

-hwh
-- 
gentoo-user@gentoo.org mailing list