Provided by: ipmasq_4.0.8-4ubuntu1_all bug

NAME

       ipmasq-rule - rules file used to set up IP Masquerading

SYNOPSIS

       /etc/ipmasq/rules/*.{rul,def}

DESCRIPTION

       This  manual page documents the rules files used by the ipmasq command.
       ipmasq sources these rules files using sh(1).  Only those files  ending
       with  the  extensions  .rul  or  .def are sourced, so as to prevent old
       rules (for example, left around by editor backups) from being put  back
       into service.

       ipmasq  sources  the  rules files by listing the files in the directory
       /etc/ipmasq/rules with the extensions  .rul  or  .def.   This  list  is
       sorted,  and  for each basename, the .rul rule is sourced if it exists,
       otherwise the .def rule is sourced.

ENVIRONMENT VARIABLES AVAILABLE TO RULES

       The following environment variables are available to rules:

       PATH   The    PATH    for    rules     is     explicitly     set     to
              "/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin".

       EXTERNAL_OUT
              Names of the interfaces currently sending packets outbound  from
              the system to external networks.

       EXTERNAL_IN
              Names  of  the interfaces currently receiving packets inbound to
              the system from external networks.

       EXTERNAL
              Names  of  the  interfaces  currently  connected   to   external
              networks.    This   is   a   combination   of  EXTERNAL_OUT  and
              EXTERNAL_IN.

       INTERNAL
              Names of all the interfaces  on  the  system  currently  up  and
              configured with an IP address and netmask, with the exception of
              the loopback interface (lo), and EXTERNAL.

       IPFWADM
              Path  to  the  ipfwadm  utility.   Use  of  this   variable   is
              recommended,   as   its   use  will  automatically  support  the
              --display, --no-act, and --verbose options of ipmasq(8).

       IPCHAINS
              Path  to  the  ipchains  utility.   Use  of  this  variable   is
              recommended,   as   its   use  will  automatically  support  the
              --display, --no-act, and --verbose options of ipmasq(8).

       IPTABLES
              Path  to  the  iptables  utility.   Use  of  this  variable   is
              recommended,   as   its   use  will  automatically  support  the
              --display, --no-act, and --verbose options of ipamsq(8).

       MASQMETHOD
              One of ipfwadm, ipchains or netfilter depending on the interface
              of the currently running kernel.

       SHOWRULES
              Set  to  yes  if  ipmasq(8)  has  been  called  with  either the
              --display or the --verbose  flag,  indicating  the  user  wishes
              rules to be displayed.

       NOACT  Set  to  yes  if  ipmasq(8)  has  been  called  with  either the
              --display or the --no-act flag, indicating the user wishes rules
              not to be executed.

SHELL FUNCTIONS AVAILABLE TO RULES

       The following shell functions are available to rules:

       ipnm_cache
              In  order  to  speed the creation of the ruleset, the IP address
              and netmask of the interfaces listed in  INTERNAL  and  EXTERNAL
              are  cached.   Call  ipnm_cache interface to retrieve the cached
              information.  The IP address, netmask, point-to-point peer,  and
              broadcast  address  are  returned  in  the environment variables
              IPOFIF, NMOFIF, PEEROFIF, and BCOFIF respectively.

FILES

       /etc/ipmasq/rules/*.def
              Package defined default  rules  files.   Do  not  edit,  instead
              create a .rul file.
       /etc/ipmasq/rules/*.rul
              User defined rules files.  Each overrides the corresponding .def
              file.

CAVEATS

       Previous versions of ipmasq(8) guaranteed  that  rule  files  would  be
       sourced  using  bash(1).   However,  since  bash(1)  is a resource hog,
       especially on systems often used as ipmasq boxes,  this  guarantee  was
       removed  as  of  ipmasq  version  3.3.3.   Check  your  rules files for
       ‘‘bashisms.’’

SEE ALSO

       ipmasq(8),  sh(1),  ipofif(8),   nmofif(8),   peerofif(8),   bcofif(8),
       default-if(8), enumerate-if(8), ipfwadm(8), ipchains(8), iptables(8)

AUTHOR

       This  manual page was written by Brian Bassett <brianb@debian.org>, for
       the Debian GNU/Linux system (but may be used by others).

                                                                IPMASQ-RULE(5)