IP Masquerade

I have recently installed Redhat 4.2 and am attempting to set up IP Masquerading. The firewall portion of ipfwadm seems to work fine, but when I try to do anything with the masquerading portion, I get the error 'setsockopt failed: Invalid argument'. I am entering commands straight out of the FAQ's (a number of different versions) so I'm not convinced that it's something wrong in my commands. The kernel has been compiled with options as per the FAQ and the modules have been installed. What little thing am I missing?
addendum: ipfwadm -M -l returns 'cannot open /proc/net/ip_masquerade'. (since that file doesn't exist I suppose)
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

This sounds to me as though the kernel lacks the necessary support. Go through the FAQ with a toothcomb, and check you really have enabled all the necessary kernel opitons, and check that you really are booting from the kernel with those options compiled in.

Also, under certain circumstances it is necessary to get an upgraded version of ipfwadm.

Have a look in /proc/net, and see if the ip_masquerade file is there, too. I assume you were trying to execute this as root?
murraydhAuthor Commented:
I'm quite sure that all the support is there. I've checked the settings against the FAQ a dozen times. I'm also running version 2.3.0 of ipfwadm. As for the ip_masquerade file in /proc/net, it does not exist. I'm sure this is (at least part of) the problem, though I have no idea how to go about fixing it.
Are all the ip_masquerade modules built and loaded? The docs clearly state you must manually load the modules NOT let the kerneld autoload them for you.
The problem is in your kernel
the /proc filesystem is automatically created by the kernel.

Have you read the kernel HOWTO about how to get the rebuilt
kernel to be booted against.

Do this:


and look for the kernel version line.
This tells you when the kernel you're booting was built, and on what system it was built.  If this is not the date you built it, then you've still got to sort that out.

This will involve updating the kernel where ever you have it.

lilo: /vmlinuz (Unless your lilo.conf has been modified)

floppy: use dd to write the kernel image onto the floppy.

loadlin(dos): the vmlinuz in the dos directory linux is booted from

This should all be covered in the kernel.HOWTO

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Well, as long as a ls / shows /probc to be there we can assume that he has indeed compiled in the /rpocfs.  Now to the rest.  Part of the trouble here is the lack of info we have been given to wirk with, I'd like to see things such as:  output from lsmod, show's us what modules have been loaded, perhaps the output from ls /proc/net, this will also give us some info about what may be compiled into the kernel, and I'd like a full accounting of the ipfwadm commands the user is attempting to give the system, typos are most often the cuase of troubles, not to mention slightly mundged command parms.  It's had, very hard to answer questions with so little info to go on.  I'm surprised others have as yet not requested more info...
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.