On Tue, 10 Aug 1999, Alexandre Hautequest wrote:
> Hi all.
>
> This weekend i've using ip alias to setup a firewall (now called as fw)
> on my University. The idea is all my machines connected behind the fw,
> and the fw had all valid IP's and redirect packs via portfw only to the
> specific servers and services in the internal machines. All this
> machines (internally) will have B Class reserved ip numbers, and the fw
> does an masquerade of the packets to send the answers to the INet
> clients.
>
> This is my situation. I have the portfw working, all http packs (for
> example) that go to 200.xxx.xxx.15 goes to my 172.18.xxx.xxx machine.
> But i cannot do the reverse with the packs. I run the ipchains masq
> rule, using the virtual adapter (eth4:3, for exemple), and close all
> doors in the real adapter (eth4). The packs don't go back. Opening the
> firewall ports, and using a packet sniffer besides the fw and the
> router, i saw all packs outgoing with the ip number of my real adapter,
> not with the virtual one.
>
> This happens with all kinds of services i use, not just http.
>
> The question: Is this a ``feature'' or a bug? If this works, sorry for
> this post, and please if you know how to do this, send me in PVT, if you
> wish. If this is a bug, i'll pleasured to test any workaround and/or
> fix.
>
> The system is a Slack 4.0, ipchains 1.3.8, kernel 2.2.10 all modular.
>
> Sorry for the long mail. Flames in PVT, please.
>
> Thanks in advance.
>
> --
> +-------------------------+-----------------------------------+
> | Alexandre Hautequest | ISTM do Brasil - www.istm.com.br |
> | hquest@istm.com.br | Centro de Suporte Linux |
> | Suporte Técnico | r Pe. Anchieta, 793 - Mercês |
> | Linux User# 116289 | Curitiba - PR |
> | | +55 41 335-1600 |
> +-------------------------+-----------------------------------+
> | --- As opiniões aqui expressas são únicas do autor, --- |
> | --- podendo não ser as mesmas da empresa. --- |
> +-------------------------------------------------------------+
> | - Alem do obvio ululante que pulula nas mentes humanas... - |
> | |
> | - When I'm on the road, I'm indestructible. No one can - |
> | - stop me. But they try... - |
> +-------------------------------------------------------------+
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/