[Shorewall-users] Ip aliasing

Tom Eastep teastep at shorewall.net
Thu Dec 4 10:48:46 PST 2003


On Thu, 2003-12-04 at 10:26, Marcelo Mujica wrote:
> Alex, thanks for your response.
> I`m talking about use proxy arp with publics address in the DMZ but I got some resistence..., because I said, before, that with prot forwarding are the better option and now I have to change the config.
> In other order, maybe I like to know how do port forwarding in the correct way(not with the errors that you detect). To learn I apreciate if you want correct me. 
> In other way I go to try proxy arp in another test server.
> 

To forward just one port, you will have to create the alias manually
then just use a DNAT rule.

DNAT	net	dmz:<internal ip> <proto> <port> - <alias addr>

But of course that is described on the page that you already referred
to:

http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list