Ryan Joiner <[email protected]> wrote: > Hello, I have a firewall running CentOS6 and Shorewall 4.5.4-1. We have an > IP block 67.235.132.0/28 that the ISP has given us and our internet network > is 192.168.11.0/24. > > Right now we are able to masq all the traffic in the 192.168.11.0/24 network > and use the 67.235.132.1 IP and that works great. > > Is there a way to get the firewall itself to connect out using a different IP > on the block? Is this not done in the masq config? We would like it to go > out on a different IP for yum updates, sending out mail in postfix, and > really any connection the firewall does, we want it to use a different IP > like 67.235.132.2 or .3.
I didn't find one ! With some packages you can bind to a specific address, but many simply use the primary address on the egress interface. It may be easier to change the IP address on the interface (eg to x.x.x.2) and then MASQ/SNAT your non-firewall traffic to x.x.x.1. ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
