iptables question
Bill McGonigle
bill at bfccomputing.com
Sat Mar 10 19:24:44 EST 2007
On Mar 9, 2007, at 18:14, David A. Long wrote:
> I have a small sequential block of public IP addresses I would like to
> filter through to matching servers on my private network. The
> iptables
> NETMAP target looks like it might do this efficiently (combined with a
> lot of other rules to filter out unwanted traffic).
Just a tip - I've done something similar many years back, but I think
it wasn't with NETMAP - there might be another way - but:
I do remember banging my head against some 3Com switches for a couple
hours of following docs and fiddling with rules before I realized
both IP Forwarding and Proxy ARP had to be turned on for it to work.
And then the first examples I tried in the initial five minutes
worked straight away.
That was back when we were figuring out if we should have a firewall
for our Internet connection. These days I just setup a pfsense box
and use 1:1 NAT for this kind of setup.
-Bill
-----
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
bill at bfccomputing.com Cell: 603.252.2606
http://www.bfccomputing.com/ Page: 603.442.1833
New Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
More information about the gnhlug-discuss
mailing list