In iptables many times I see the target MASQUERADE. What is that? I searched and found lots of things. But I need someone to explain to me what MASQUERADE is in an easy to understand way?
An example (taken from this answer) is:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
It is an algorithm dependent on the iptables implementation that allows one to route traffic without disrupting the original traffic.
I use the masquerade algorithm when I want to create a virtual wifi adapter and share my wifi.
I'm NOT talking about sharing an Ethernet connection through your wifi, I'm talking about sharing the wifi connection through your wifi via masquerading it to a virtual adapter. This in effect lets you share your wifi connection through wifi.
Read this and scroll down to MASQUERADE: http://billauer.co.il/ipmasq-html.html
Read this for more in depth: http://oreilly.com/openbook/linag2/book/ch11.html
For a direct example visit this page: http://pritambaral.com/2012/05/connectify-for-linux-wireless-hotspot/
I HAVE NOT READ THE LAST LINK!!!! But the following is an accurate excerpt/example.
I really dislike how search engines make the algorithm out to be some evil type of hack. I use it merely to share my internet with my android phones.
FINAL EDIT: this link is the bestest http://gsp.com/cgi-bin/man.cgi?section=3&topic=libalias
MASQUERADE is an iptables target that can be used instead of the SNAT target (source NAT) when the external IP of the inet interface is not known at the moment of writing the rule (when the server gets its external IP dynamically).
After studying the above answers, this is what caused me to understand:
Masquerading allows an entire network of internal IP addresses to operate through one external IP address and masquerading allows conversion from one protocol to another (wired/wireless).
When the MASQUERADE chain sends a datagram from a computer it...
Note: When the destination host receives this datagram, it believes the datagram has come from the one routing host and sends any reply datagrams back to that address.
When the Linux MASQUERADE chain receives a datagram from its Internet connection,
The MASQUERADE chain is useful for internally creating an entire private IP address space, and for forwarding packets that would otherwise be incompatible.
The Ethernet, or wired protocol, assumes that the packet comes from the source and reports itself. The Wifi, or wireless protocol, assumes that the packet is being repeated and reports itself and the original source.
For this reason, Wifi and Ethernet cannot be directly bridged because they are incompatible. Masquerading causes the packets to be rebuilt and will thereby handle conversion between wired and wireless standards. Note: There are ways to cause your computer to accept the incompatibility internally and bridge, but without a full masquerade, the bridge spoof will be viewed externally as a security risk and those requests will be rejected.
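As an added illustration (not part of any answer above, and not netfilter code), this Python toy model shows the source rewriting and reply tracking behind MASQUERADE, and how it differs from SNAT when the outbound interface gets a new address. The class name, addresses and port numbers are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)

class NatRouter:
    """Toy model of source NAT in POSTROUTING (constructed; not netfilter code)."""

    def __init__(self, iface_addr, snat_to=None, first_port=40000):
        self.iface_addr = iface_addr  # current address of the outbound interface
        self.snat_to = snat_to        # fixed address => SNAT; None => MASQUERADE
        self.next_port = first_port
        self.conntrack = {}           # (ext_ip, ext_port, remote) -> internal (ip, port)

    def outbound(self, pkt):
        # MASQUERADE looks up the interface address when the connection starts;
        # SNAT uses whatever address was written into the rule.
        ext_ip = self.snat_to or self.iface_addr
        # Simplification: always a fresh port (netfilter keeps the original if free).
        ext_port, self.next_port = self.next_port, self.next_port + 1
        self.conntrack[(ext_ip, ext_port, pkt.dst)] = pkt.src
        return Packet(src=(ext_ip, ext_port), dst=pkt.dst)

    def inbound(self, pkt):
        # Only replies matching a tracked connection are translated back.
        internal = self.conntrack.get((pkt.dst[0], pkt.dst[1], pkt.src))
        return Packet(src=pkt.src, dst=internal) if internal else None

    def interface_renumbered(self, new_addr):
        self.iface_addr = new_addr
        if self.snat_to is None:
            self.conntrack.clear()  # MASQUERADE forgets connections when the interface goes down

def demo():
    client, server = ("192.168.1.20", 51000), ("203.0.113.10", 443)
    masq = NatRouter("198.51.100.7")
    out = masq.outbound(Packet(client, server))
    reply = masq.inbound(Packet(server, out.src))
    stray = masq.inbound(Packet(("203.0.113.99", 80), out.src))
    masq.interface_renumbered("198.51.100.42")   # e.g. new DHCP lease
    out2 = masq.outbound(Packet(client, server))
    snat = NatRouter("198.51.100.7", snat_to="198.51.100.7")
    snat.interface_renumbered("198.51.100.42")
    stale = snat.outbound(Packet(client, server))  # still the old address
    return out, reply, stray, out2, stale

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The last result is the reason to prefer MASQUERADE on a dynamically addressed interface: the SNAT rule keeps stamping packets with an address the router no longer holds, so replies never come back.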