/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Ryan Klette wrote:
> HI,
>
> I have a linux Redhat 7 Firewall.
> I would like to NAT a virtual IP address to an
> internal mails server IP address.
>
> I am trying to use ipmasqadm.
>
> I have the rpm and the source and neithe install
> correctly.
>
> Withe the source I am getting a kernel headers error.
maybe you should download a kernel from www.kernel.org.
note that if you use a 2.4 kernel, you'll need the
ipchains compatibility module rather than netfilter.
> Is this also the best utility to use??
a 2.4 kernel with netfilter is the best thing
to use unless you need to nat nasty protocols
like h.323/icq. there aren't many connection
tracking modules for 2.4 yet.
> Any help would be greatly appreciated.
if by "virtual ip address" you are referring to
an interface with multiple addresses, you will
run into a problem in which the outgoing reply packets
for port forwarded connections get the wrong source
address (that of the first address on the interface)
rather than the second ("virtual") address.
with 2.2 kernels, this can be solved with the iproute2 package.
i expect it can be solved much more cleanly in the 2.4 kernels
using just iptables without help from iproute2.
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
