Hi! I have a problem which I don't know how to (or even if it's possible to) solve using Shorewall.
My connection to the Internet is done using an ADSL connection (using PPPoE) and I have a static IP. My ISP also routes to this address a subnet (in a different address range). I want to be able to assign the subnet IP addresses to servers in my DMZ or on my internal network (mostly for outbound traffic in that case). My normal Internet traffic from my PCs should all appear to come from the same IP (and preferrably one in my subnet, not my static IP address). I know NATting is involved (especially for the PCs an possibly what I believe is called 1:1 NAT for the servers) but I don't know how to set it up (it's the routed through another IP not in my subnet that confuses me the most). Before I had that subnet (actually before my old Shorewall-based firewall died) I has 3 subnets (internal network, DMZ and wifi) but and they all used a single IP address. Essentially what I want to do now is rebuild that firewall but I want to map some servers to my additionnal IP addresses. (As you can guess back then I did a lot of port forwarding rules...) I also have another question... Apart from LEAF, are there any other Linux distribution that bundles Shorewall (and other tools that might be useful on a firewall)? Is the only other choice to use a full distro and remove everything that's not useful/dangerous to have on a firewall? (My previous firewall was running LEAF (and before that, LRP...). Thank you and have a nice day! Nick ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
