/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Browsing through the archives and FAQs, I'm having a bit of trouble
figuring out which way I should do this:
Internet------[FW]---172.16.0.0/24
\-192.168.1.0/24
The firewall is a 3 legged device. Outside, it has eth0 as
111.111.111.111 and eth0:0 as 111.111.111.112
What I want is the internal users (172.16.0.0/24) to be able to use
masquerading. This isn't a problem. I want to put a web server in the
perimeter (192.168.1.0/24) network and port forward from 111.111.111.112
into the appropriate box.
I would think that if I used port forwarding on .112, the packet would get
in to the web server, but masquerading would send the reply out .111. So
then I'd have to use iproute2. The archives seem to point towards mfw as
an alternative, but documentation seems thin. A userland program could
probably do it, but that's not too efficient.
Any prods in the right direction?
Thanks,
Sean
-------------------------------------------------------------------
Sean Walberg <[EMAIL PROTECTED]> http://www.escape.ca/~sean
"Fore yeers ago I kudn't spel Engineer. Now I are won."
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
