guys,Hi,
our current office network is flat with everyone belonging to the same segment and everyone connected to cascaded hubs.
this has generated a lot of networks storms sometimes rendering the network unusable.
am in-charged of maintaining a set of PCs in a small section that mostly share files together. to keep my small network from being affected by the rest, i plan to put a Linux firewall between the office segment and my internal network.
however one of the requirements is that both networks still has to be able to communicate bi-directionally, meaning connections can be initiated be anyone.
the plan on the drawing board is for the NIC facing the office segment to have several virtual IPs and interfaces. each virtual IP corresponds to one internal IP of my internal network. any traffic directed to a particular virtual IP will be redirected to the corresponding internal machine -- a 1:1 NAT. the internal machine will receive the packet with the source IP still as the originating machine and not the IP of the firewall. all traffic going out from the internal network will have a source virtual IP associated with it as it goes to the office segment.
am not sure how to do this with iptables/netfilter. could anyone point me to a good source?
thanks!
kiko
*Yahoo! Photos <http://sg.rd.yahoo.com/mail/tagline/?http://sg.photos.yahoo.com>*
- A free party for the most "shiok" photo. *Join now!* <http://sg.rd.yahoo.com/mail/tagline/?http://sg.yahoo.com/shiok>
------------------------------------------------------------------------
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph .. To leave, go to http://lists.q-linux.com/mailman/listinfo/plug .. Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
Ipcop (www.ipcop.org) can satisfy your requirement.
HTH, --joecat--
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
