On Apr 30, 2009, at 8:08 PM, Darrick Hartman wrote:
> Justin Coffi wrote:
>> *raises hand* - That is, until all the functionality is available
>> in Arno.
>>
>
> What specific functionality are you missing?
The question above is directed toward Justin... but, as background,
look at /stat/etc/rc.conf
The astfw variables are marked as depreciated, and the corresponding
Arno variables are hinted at.
This is the main remaining issue:
----
##IP DMZ Support
##Uncomment the following lines to support more traditional DMZ setups.
##If you define DMZIP astfw will automatically forward any new/unknown
##tcp and udp connections coming in on EXTIF to the IP address that you
##specify. If you say "auto", AstLinux will use the first DHCP lease
from
##the instance of dnsmasq running on INTIF.
## DMZIP - is deprecated - See NAT_FORWARD_xxx xxx={ TCP, UDP }
## to DMZIP using ports not otherwise NAT'ed, OPEN_xxx or HOST_OPEN_xxx
## documented in /stat/etc/arno-iptables-firewall/firewall.conf
#DMZIP="auto"
----
Will the "auto" hack be supported in Arno ?
Additionally, this might be an issue:
----
##If you have multiple IP addresses on your external interface and you
want 1:1 NAT
##sometimes called binat (bidirectional NAT), define that here. Use
spaces for
##multiple address maps. There is no filtering for these, beware!
## EXTIPMAP - is deprecated - See transparent-dnat arno plugin
#EXTIPMAP="4.2.2.1:192.168.111.20"
----
I am not sure how Arno's firewall can handle, say 3 static public
IP's, masqueraded on one of them and 1:1 NAT to internal private IP
address for the other two. Does EXTIPMAP handle this case?
Otherwise, /stat/etc/rc.conf documents the transition from "astfw" to
"arno".
Lonnie
------------------------------------------------------------------------------
Register Now & Save for Velocity, the Web Performance & Operations
Conference from O'Reilly Media. Velocity features a full day of
expert-led, hands-on workshops and two days of sessions from industry
leaders in dedicated Performance & Operations tracks. Use code vel09scf
and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
