[Shorewall-users] Ip aliasing
teastep at shorewall.net
Thu Dec 4 10:48:46 PST 2003
On Thu, 2003-12-04 at 10:26, Marcelo Mujica wrote:
> Alex, thanks for your response.
> I`m talking about use proxy arp with publics address in the DMZ but I got some resistence..., because I said, before, that with prot forwarding are the better option and now I have to change the config.
> In other order, maybe I like to know how do port forwarding in the correct way(not with the errors that you detect). To learn I apreciate if you want correct me.
> In other way I go to try proxy arp in another test server.
To forward just one port, you will have to create the alias manually
then just use a DNAT rule.
DNAT net dmz:<internal ip> <proto> <port> - <alias addr>
But of course that is described on the page that you already referred
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users