Does the mere existence of a DNAT rule cause the system to respond to ARP requests for the translated IP address?
When I originally set up the system I assumed I had to add additional IP addresses to the external interface for each of my DNAT rules, but reading random docs I suddenly thought maybe I needn't have - I can't now see anything that tells me I had to. A quick experiment on my home system was inconclusive - probably a bug in my rules. (I've long suspected that the 16 extra IP addresses on my external NIC is what is causing slow network initialisation and hence failure of sshd and apache to bind to their ports on boot.) Regards - Philip ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
