[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

transparent fw og nat på samme maskine



Hej.
Jeg har en maskine der hidtil har fungeret som firewall med NAT/masquerading til og fra et internt netværk. Firewallen er iptables.


Nu vil man tilføje et DMZ hvor maskinerne har offentlige IP adresser.

Det forestiller jeg mig kan gøres ved at sætte et tredje netkort i firewallen, og så sætte den op til at være "transparent" mellem det eksterne netkort og DMZet. Den nuværende konfiguration skal gerne blive den samme.
Der er i alt 5 offentlige IP adresser (ikke et subnet med 8) som er en del af et /24 netværk at gøre godt med.


Skal jeg så sætte firewallens eksterne netkort til at have alle 5 IP adresser og derefter benytte iptables til at forwarde trafikken til DMZ kortet, samt at NATe trafik på den ene IP adresse til det internet kort?
Hvordan gøres det?


Mvh Rasmus

 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 22:43 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *