Tom Eastep wrote: > Andrew Suffield wrote: >> On Tue, Oct 30, 2007 at 12:12:19PM -0700, Tom Eastep wrote: >>> Rob Morin wrote: >>>> Right i see, so lets say for example, we stats will always seem like the >>>> client is Megs.... i guess bad if you want to know where hits are coming >>>> from..... >>>> >>>> So how would one get around this, in any situation mine or another setup? >>>> >>>> Just wondering then... >>> Do it right -- use a conventional two-interface firewall/gateway. >> With enough public addresses for every host and suitable routing on >> the inbound path, you don't even need a two-interface host. Although >> it's still a good idea to use one, so that it's a proper firewall. > > And if inbound routing is through a single IP address, Proxy ARP is easy > to use if a two-interface firewall is to be used.
Make that: And if inbound routing is _not_ through a single IP address, Proxy ARP is easy to use if a two-interface firewall is to be used. -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
