(M)  s i s t e m a   o p e r a c i o n a l   m a g n u x   l i n u x ~/ · documentação · suporte · sobre

  Next Previous Contents

3. Configuring the Kernel

First, we need to make sure all the proper options are set in your kernel. If you are using a stock kernel from your distribution, transparent proxying may or may not be enabled. If you are unsure, the best way to tell is to simply skip this section, and if the commands in the next section give you weird errors, it's probably because the kernel wasn't configured properly.

If your kernel is not configured for transparent proxying, you will need to recompile. Recompiling a kernel is a complex process (at least at first), and it is beyond the scope of this document. If you need help compiling a kernel, please see The Kernel HOWTO

The options you need to set in your configuration are as follows (Note: none of these can be built as modules)

  • Under General Setup
    • Networking support
    • Sysctl support
  • Under Networking Options
    • Network packet filtering
    • TCP/IP networking
  • Under Networking Options -> IP: Netfilter Configuration
    • Connection tracking
    • IP tables support
    • Full NAT
    • REDIRECT target support
  • Under File Systems
    • /proc filesystem support
You must say NO to ``Fast switching'' under Networking Options.

Once you have your new kernel up and running, you may need to enable IP forwarding. IP forwarding allows your computer to act as a router. Since this is not what the average user wants to do, it is off by default and must be explicitly enabled at run-time. However, your distribution might do this for you already. To check, do ``cat /proc/sys/net/ipv4/ip_forward''. If you see ``1'' you're good. Otherwise, do ``echo '1' > /proc/sys/net/ipv4/ip_forward''. You will then want to add that command to your appropriate bootup scripts (depending on your distribution, these may live in /etc/rc.d, /etc/init.d, or maybe somewhere else entirely).


Next Previous Contents