This is the scheme that I have currently running with BSD pf "packet filtering", but I want to migrate to shorewall:
eth0:201.41.93.210 -> 172.16.0.251 tcp 80 eth0:201.41.93.211 -> 172.16.0.250 tcp 25, 110, 143, 465, 993 eth0:201.41.93.212 -> Only NAT to 172.16.0.253 eth0:201.41.93.213 -> 172.16.0.252 tcp 80, 443 eth1:200.41.183.22 -> 10.10.10.2 tcp 21, 25, 80, 110, 143, 443, 465, 993 | udp 53 and failover to NAT 172.16.0.253,two networks are on the same interface "eth2" Tank U! 2015-06-17 2:04 GMT-03:00 OddieX <[email protected]>: > Tom, I have 4 host in my DMZ, mail relay with imap/pop reverse, http > relay, squid proxy for outgoing traffic what need masq and other web server > without relay http... > > > 2015-06-16 20:28 GMT-03:00 Tom Eastep <[email protected]>: > >> On 6/11/2015 6:59 PM, OddieX wrote: >> >> I have 2 ISP: >> >> NET eth0, eth0:0, eth0:1, eth0:2 - gateway 201.41.93.209 >> NET eth1 with 1 IP address and gateway 200.41.183.21 >> eth2 DMZ 172.16.0.0/24 >> >> >> eth0:201.41.93.210 openvpn and others services IP >> eth0:201.41.93.211 mailserver, smtp, pop, imap, etc >> eth0:201.41.93.212 outgoing web and other traffic >> eth0:201.41.93.213 webserver ip >> eth1:200.41.183.22 is other webserver and failover outgoing web >> traffic >> >> How many systems do you have in your DMZ? Which of the above services >> run on each machine? >> >> Thanks, >> -Tom >> >> -- >> Tom Eastep \ When I die, I want to go like my Grandfather who >> Shoreline, \ died peacefully in his sleep. Not screaming like >> Washington, USA \ all of the passengers in his carhttp://shorewall.net >> \________________________________________________ >> >> >> >> ------------------------------------------------------------------------------ >> >> _______________________________________________ >> Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >> >
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
