Integrating ipmasq with whatever system you use to connect
networks is a simple matter of running /usr/sbin/ipmasq when ever
the routing changes or an interface goes up or down.
ipmasq utilizes the debconf configuration management
system for interacting with the administrator during package installation and
normal system operations. Ipmasq may be reconfigured at any time
by running dpkg-reconfigure ipmasq as root.
ipmasq installs a script in the /etc/init.d
directory, and uses update-rc.d to install symlinks into
/etc/rcX.d directories. The boot-time behavior of
ipmasq may be disabled, started after network interfaces are
brought up (in single user runlevel 'S', ipmasq starts at 41 and
ipmasq-kmod starts at 42), started after network filesystems have
been mounted (in single user runlevel 'S', ipmasq starts at 46 and
ipmasq-kmod starts at 47), or started after network services have
been started (in normal runlevels, ipmasq starts at 21 and
ipmasq-kmod starts at 22). This behavior is controlled through
the debconf configuration mechanism (see Configuration, Section 4.1).
The package ipmasq installs scripts into the ip-up
and ip-down mechanism of pppd. These scripts check
for the presence of a file (/etc/ipmasq/ppp) before running
/usr/sbin/ipmasq. Remove this file to not have
ipmasq run when pppd brings the link up or down.
Please note that doing so is not recommended.
The debconf configuration mechanism (see Configuration, Section 4.1) provides a
simple mechanism for creating or removing this file.
Diald is a system which allows a link to be brought up and down based on network traffic. Diald accomplishes this bit of routing prestidigitation by setting up a proxy interface to be the system's default route and monitoring traffic on that interface.
On Debian systems, diald (by default) starts in runlevel 2, while
ipmasq typically starts during the boot process (technically,
runlevel S). ipmasq runs first, and intializes a firewall that
does not include the proxy route. diald then starts, and creates
a new route without informing ipmasq that the underlying routing
has changed. As a result of the firewall not including the proxy route, no
packets will be sent along the proxy, and diald will not bring the
link up.
To solve this problem, ipmasq must be configured (see Configuration, Section 4.1) such that
boot time initialization is disabled. [1] Also, if your system does not utilize PPP, invokations of
/usr/sbin/ipamsq must be added to your ipup and
ipdown scripts. (If your system uses PPP, the facilities in place
for using pppd will handle it. For more information, see PPP, Section 4.3.)
Hopefully, future versions of the Debian diald package will use a
setup where other packages can drop scripts in a directory to have them run
when diald runs a script. ipmasq will support this scheme when
implemented.
The pcmcia-cs package provides support for ipmasq.
In the file /etc/pcmcia/network.opts, simply define a variable
IPMASQ to have a value of y, as shown in the example
below:
------ Begin /etc/pcmcia/network.opts snippet -------
# Run ipmasq? [y/n] (see the Debian ipmasq package)
IPMASQ="y"
------- End /etc/pcmcia/network.opts snippet --------
Please note that this is needed only if you have a PC Card network card. A PC
Card modem will typically use pppd. For more information about
setting up pppd, please see PPP, Section 4.3.
Additionally, ipmasq should be set to disable the boot-time
initialization (see Boot-time
Initialization, Section 4.2).
Ipmasq User's Manual
Brian Bassettbrianb@debian.org