Mailinglist Archive: opensuse-security (575 mails)
| < Previous | Next > |
Re: [suse-security] SuSEfirewall2: external ip aliases with forward / masq?
- From: Togan Muftuoglu <toganm@xxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 27 Nov 2002 01:36:45 +0200
- Message-id: <20021126233645.GS2841@xxxxxxxxxxxx>
* Howard, Neal; <nhoward@xxxxxxxxx> on 26 Nov, 2002 wrote:
I know the feeling :-)
Now although I said
It's better to have the aliases eth0:1 and eth0:2 in FW_DEV_DMZ and then
FW_FORWARD_MASQ them for the vendor this way it should be both secure
and doable (cross your fingers)
--
Togan Muftuoglu
I'll try it out tomorrow, it's been a long day here in Texas too and my
brain hurts right now!
I know the feeling :-)
I'm guessing I should use the external ip aliases in the first part of
each stanza of FW_FORWARD_MASQ instead of putting the vendor's ip address
in that place like I was doing?
Now although I said
FW_DEV_EXT="eth0 eth0:1 eth0:2"
It's better to have the aliases eth0:1 and eth0:2 in FW_DEV_DMZ and then
FW_FORWARD_MASQ them for the vendor this way it should be both secure
and doable (cross your fingers)
--
Togan Muftuoglu
| < Previous | Next > |