[Shorewall-users] Problematic configuration....

Gavin Thomas Nicol gtn at rbii.com
Tue Jan 20 20:36:58 PST 2004


On Tuesday 20 January 2004 06:36 pm, Tom Eastep wrote:
> I think you'll be happier with one-to-one nat on the "Visible box".
> Otherwise, getting the "Visible box" to communicate with the rest of the
> local network is a real headache (unless you add another interface to the
> firewall).

A licensing application running on the "Visible" box requires the external and 
machine IP's to match (apparently). In the nat file, can I do something like 
this:

	68.x.x.3		eth1		68.x.x.3		no		no
	68.x.x.26		eth1:0	68.x.x.26		no		no

in order to have the packets coming in from eth1 and eth1:0 forwarded to the 
"Visible" box (which in turn with have eth0 and eth0:0 bound to the 
addresses)?

Sorry if these are newbie questions...



More information about the Shorewall-users mailing list