On Fri, 14 Sep 2001, Chris G Haravata wrote:
> Guys, I have a firewall that does masquerading of all local IPs. The
> question is, what rule do I use so that I can use a public IP from the
> inside without the firewall masquerading it to its own IP?
>
> sample
>
> server1 IP = 203.87.142.97
> server2 IP = 201.166.12.12
>
> server2 to go through server1. server1 is a firewall that masquerades local
> IPs.
>
This needs a little fiddling around with the router. You should config
your router to look to your masq server if the destination IP is server 2:

    ip route add 201.166.12.12 via 203.87.142.97

server 2 should have an IP (either private or public) that will allow it
to see an interface of server 1.

    server1
      eth0:   203.87.142.97
      eth0:0  192.168.0.1

    server2
      eth0:   201.166.12.12
      eth0:0  192.168.0.2

Then in server 1, you have IP forwarding enabled, and the following route rules:

    ip route add 201.166.12.12/32 via 192.168.0.2 dev eth0

and the ipchains rule setting:

    -A forward -s 0/0 -d 201.166.12.12/32 -j ACCEPT
    -A forward -s 0/0 -d 192.168.0.2/32 -j ACCEPT
I hope this helps!
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
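Added example, not part of the original message: a small first-match simulator for the ipchains forward chain, showing how the position of the ACCEPT rules relative to a masquerading rule decides whether server2's traffic is masqueraded. The MASQ rules, the source-based rule for server2, the DENY policy and the outside address 198.51.100.7 are assumptions made for illustration; only the two destination rules come from the message.

```python
import ipaddress

def parse_rule(line):
    """Parse the subset '-A forward -s SRC -d DST -j TARGET' of ipchains syntax."""
    tok = line.split()
    opts = dict(zip(tok[2::2], tok[3::2]))
    def net(value):  # ipchains accepts 0/0 for "any"; the ipaddress module does not
        return ipaddress.ip_network("0.0.0.0/0" if value == "0/0" else value)
    return net(opts.get("-s", "0/0")), net(opts.get("-d", "0/0")), opts["-j"]

def verdict(chain, src, dst, policy="DENY"):
    """Return the target of the first rule matching src/dst, else the chain policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in chain:
        snet, dnet, target = parse_rule(line)
        if s in snet and d in dnet:
            return target
    return policy  # assumed default policy for the forward chain

# The two rules given in the message.
PAGE_RULES = [
    "-A forward -s 0/0 -d 201.166.12.12/32 -j ACCEPT",
    "-A forward -s 0/0 -d 192.168.0.2/32 -j ACCEPT",
]
# Assumed rules, not shown in the message.
MASQ_LOCAL = "-A forward -s 192.168.0.0/24 -d 0/0 -j MASQ"
MASQ_ANY = "-A forward -s 0/0 -d 0/0 -j MASQ"
FROM_SERVER2 = "-A forward -s 201.166.12.12/32 -d 0/0 -j ACCEPT"
OUTSIDE = "198.51.100.7"  # constructed outside host (documentation range)

def demo():
    appended = [MASQ_ANY] + PAGE_RULES + [FROM_SERVER2]  # ACCEPTs land after MASQ
    ordered = PAGE_RULES + [FROM_SERVER2, MASQ_LOCAL]    # ACCEPTs evaluated first
    dest_only = PAGE_RULES + [MASQ_LOCAL]                # no source-based rule
    return {
        "appended_after_masq": verdict(appended, "201.166.12.12", OUTSIDE),
        "to_server2": verdict(ordered, OUTSIDE, "201.166.12.12"),
        "from_server2": verdict(ordered, "201.166.12.12", OUTSIDE),
        "from_server2_dest_rules_only": verdict(dest_only, "201.166.12.12", OUTSIDE),
        "local_client": verdict(ordered, "192.168.0.50", OUTSIDE),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

On a live box, `ipchains -L forward -n` lists the chain in evaluation order, which is the order this simulator walks.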