On Mon, December 5, 2005 10:49, Karoly VEGH wrote: >> It says basically what your admin told you, and since the interface is >> "fake" I'm doubtful that ipfilter or ipnat are going to be able to do >> anything at all with it. >> >> With that in mind, I'd say something more lightweight than ssh may work >> for you, any normal tcp connection bouncer. > > Alright - any suggestions?
On FreeBSD I've used pbnc (note -- pbnc, not psybnc which is an irc bouncer) and it works ok. It runs in userspace, so there may be performance issues if this connection is going to see a lot of traffic/connections, but I have a feeling that anything you find to do this is going to run in userspace. http://duncanthrax.net/pbnc/ I'm not sure if it's going to work on Solaris >> Then, add a MAP rule on hme1 >> so the packets don't go out with a source address of 127.0.0.1; You were >> going to end up needing this anyway. > > thanks for the effort, it is appreciated. No problem.
