On Tuesday 04 February 2003 22:49, Matthias F. Brandstetter wrote: > Hi all, > > I have an iptables-based GW/firewall and private LAN behind. Via > one-to-one NAT (with shorewall) I give the ext. NIC of the GW some > more IP aliases, so that the clients behind are reachable from the > outside. >
Why don't you use briding (+transparent firewalling) in this case. It makes live a lot easier. Of course this means that you need to have an official ip address for all machines (or block them from the firewall) Paul -- Paul de Vrieze Researcher Mail: [EMAIL PROTECTED] Homepage: http://www.cs.kun.nl/~pauldv
msg00492/pgp00000.pgp
Description: signature
