Re: DNAT and MASQUERADE

2015-01-20 Thread Erez D
On Mon, Jan 12, 2015 at 8:50 PM, E.S. Rosenberg wrote: > Alternatively you could also have a local dns/local hosts entries that > point computerN at computer_1 when they are looking up whatever hostname is > resolving to ext_ip > nice idea. nut i'm not using DNS for that. also will cause all

Re: DNAT and MASQUERADE

2015-01-20 Thread Erez D
On Thu, Jan 8, 2015 at 11:02 PM, shimi wrote: > > On Thu, Jan 8, 2015 at 10:43 AM, Erez D wrote: > >> >> >> On Wed, Jan 7, 2015 at 11:41 AM, shimi wrote: >> >>> >>> >>> On Wed, Jan 7, 2015 at 11:35 AM, shimi wrote: >>> On Wed, Jan 7, 2015 at 10:16 AM, Erez D wrote: > h

Re: DNAT and MASQUERADE

2015-01-12 Thread E.S. Rosenberg
Alternatively you could also have a local dns/local hosts entries that point computerN at computer_1 when they are looking up whatever hostname is resolving to ext_ip If they are on the same LAN all normal (sane) security policy will cause the drop of their packets when they are trying to reac

Re: DNAT and MASQUERADE

2015-01-08 Thread shimi
On Thu, Jan 8, 2015 at 10:43 AM, Erez D wrote: > > > On Wed, Jan 7, 2015 at 11:41 AM, shimi wrote: > >> >> >> On Wed, Jan 7, 2015 at 11:35 AM, shimi wrote: >> >>> >>> >>> On Wed, Jan 7, 2015 at 10:16 AM, Erez D wrote: >>> hello. I have an iptables question i have the f

Re: DNAT and MASQUERADE

2015-01-08 Thread Erez D
On Wed, Jan 7, 2015 at 11:41 AM, shimi wrote: > > > On Wed, Jan 7, 2015 at 11:35 AM, shimi wrote: > >> >> >> On Wed, Jan 7, 2015 at 10:16 AM, Erez D wrote: >> >>> hello. >>> >>> I have an iptables question >>> >>> i have the following >>> >>> ext_ip -> NAT1 -> linux firewall-> network -> comput

Re: DNAT and MASQUERADE

2015-01-07 Thread shimi
On Wed, Jan 7, 2015 at 11:35 AM, shimi wrote: > > > On Wed, Jan 7, 2015 at 10:16 AM, Erez D wrote: > >> hello. >> >> I have an iptables question >> >> i have the following >> >> ext_ip -> NAT1 -> linux firewall-> network -> computer1:eth0 .. computer99 >> >> i have no control over NAT1. >> compu

Re: DNAT and MASQUERADE

2015-01-07 Thread shimi
On Wed, Jan 7, 2015 at 10:16 AM, Erez D wrote: > hello. > > I have an iptables question > > i have the following > > ext_ip -> NAT1 -> linux firewall-> network -> computer1:eth0 .. computer99 > > i have no control over NAT1. > computer1 also can reach the internet via eth1. > > linux firewall red

DNAT and MASQUERADE

2015-01-07 Thread Erez D
hello. I have an iptables question i have the following ext_ip -> NAT1 -> linux firewall-> network -> computer1:eth0 .. computer99 i have no control over NAT1. computer1 also can reach the internet via eth1. linux firewall redirects incoming port from ext_ip to computer1 however i need co