SuSefirewall2 with NAT for several servers.....
Hello friends, a question... Has somebody configured their SuSEfirewall2 with several servants that have addresses IP you publish each one?, How does the SuSEfirewall2 differentiate the packages that you/they go like destination to one or another servers if in the variable alone FW_FORWARD_MASQ the address source is placed, later the address private IP of the server inside your LAN? thank you, I hope they respond me..... please.
* Carlos Carrera wrote on Mon, Jan 20, 2003 at 14:26 -0500:
Hello friends, a question... Has somebody configured their SuSEfirewall2 with several servants that have addresses IP you publish each one?,
I do not understand what you mean.
How does the SuSEfirewall2 differentiate the packages that you/they go like destination to one or another servers if in the variable alone FW_FORWARD_MASQ the address source is placed, later the address private IP of the server inside your LAN?
Do you want to know how packets which need masquerading are determined? This is not done by SuSEfirewall but by the the kernel (the susefirewall is not at all a firewall but a firewall [I believe a packet filter firewall] config tool). The kernel can do masquerading if packets are not for the internal LAN (IP net block). This simple scheme is working for small networks, but in large networks you may get the problem that you have multiple netblocks you don't want to be masqueraded. I guess susefirewall creates such an rule. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (2)
-
Carlos Carrera
-
Steffen Dettmer