Provided by:
ipmasq_4.0.8-0.1ubuntu1_all 
NAME
ipmasq-rule - rules file used to set up IP Masquerading
SYNOPSIS
/etc/ipmasq/rules/*.{rul,def}
DESCRIPTION
This manual page documents the rules files used by the ipmasq command.
ipmasq sources these rules files using sh(1). Only those files ending
with the extensions .rul or .def are sourced, so as to prevent old
rules (for example, left around by editor backups) from being put back
into service.
ipmasq sources the rules files by listing the files in the directory
/etc/ipmasq/rules with the extensions .rul or .def. This list is
sorted, and for each basename, the .rul rule is sourced if it exists,
otherwise the .def rule is sourced.
ENVIRONMENT VARIABLES AVAILABLE TO RULES
The following environment variables are available to rules:
PATH The PATH for rules is explicitly set to
"/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin".
EXTERNAL_OUT
Names of the interfaces currently sending packets outbound from
the system to external networks.
EXTERNAL_IN
Names of the interfaces currently receiving packets inbound to
the system from external networks.
EXTERNAL
Names of the interfaces currently connected to external
networks. This is a combination of EXTERNAL_OUT and
EXTERNAL_IN.
INTERNAL
Names of all the interfaces on the system currently up and
configured with an IP address and netmask, with the exception of
the loopback interface (lo), and EXTERNAL.
IPFWADM
Path to the ipfwadm utility. Use of this variable is
recommended, as its use will automatically support the
--display, --no-act, and --verbose options of ipmasq(8).
IPCHAINS
Path to the ipchains utility. Use of this variable is
recommended, as its use will automatically support the
--display, --no-act, and --verbose options of ipmasq(8).
IPTABLES
Path to the iptables utility. Use of this variable is
recommended, as its use will automatically support the
--display, --no-act, and --verbose options of ipamsq(8).
MASQMETHOD
One of ipfwadm, ipchains or netfilter depending on the interface
of the currently running kernel.
SHOWRULES
Set to yes if ipmasq(8) has been called with either the
--display or the --verbose flag, indicating the user wishes
rules to be displayed.
NOACT Set to yes if ipmasq(8) has been called with either the
--display or the --no-act flag, indicating the user wishes rules
not to be executed.
SHELL FUNCTIONS AVAILABLE TO RULES
The following shell functions are available to rules:
ipnm_cache
In order to speed the creation of the ruleset, the IP address
and netmask of the interfaces listed in INTERNAL and EXTERNAL
are cached. Call ipnm_cache interface to retrieve the cached
information. The IP address, netmask, point-to-point peer, and
broadcast address are returned in the environment variables
IPOFIF, NMOFIF, PEEROFIF, and BCOFIF respectively.
FILES
/etc/ipmasq/rules/*.def
Package defined default rules files. Do not edit, instead
create a .rul file.
/etc/ipmasq/rules/*.rul
User defined rules files. Each overrides the corresponding .def
file.
CAVEATS
Previous versions of ipmasq(8) guaranteed that rule files would be
sourced using bash(1). However, since bash(1) is a resource hog,
especially on systems often used as ipmasq boxes, this guarantee was
removed as of ipmasq version 3.3.3. Check your rules files for
‘‘bashisms.’’
SEE ALSO
ipmasq(8), sh(1), ipofif(8), nmofif(8), peerofif(8), bcofif(8),
default-if(8), enumerate-if(8), ipfwadm(8), ipchains(8), iptables(8)
AUTHOR
This manual page was written by Brian Bassett <brianb@debian.org>, for
the Debian GNU/Linux system (but may be used by others).
IPMASQ-RULE(5)