I'm trying (unsuccessfully, I might add) to do a particular thing with
IPCHAINS that I've seen done with commercial software, and I've run out of
ideas. I need someone really good at IPCHAINS to get me headed in the right
direction.

I want my firewall to take packets for another IP besides its own, pass them
through, translating them in the process so it appears a particular machine
on the inside is actually on the outside. The internal machine won't know
it is also addressable by the public address, and people outside won't know
its real address is in a private network. The firewall needs to do all the
work. All ports need to be so translated for this other IP. The firewall
does standard NAT through its usual IP. Outside machines need to be able to
initiate connections with this special internal machine, not just respond
when it initiates them.

Never mind the security aspect, at least at this stage, it's the translation
and forwarding that I can't get to work. I can lock it down to specific
services once the barebones connection works right.

The commercial FW-1 at work does this, but that's a different OS with a
different firewall setup and a commercial GUI. I can't duplicate what it's
doing since it's such a different setup, or rather I'm not sure I understand
what it's really doing.

Inside: Firewall: Outside:
192.168.1.x < converts transparently > public.ip.address.113
192.168.1.114, public.ip.address.114
other hosts < standard NAT > public.ip.address.114
as per standard NAT
Thanks!