This is similar to how it is done on a router. The config file /etc/rc.config.d/firewall2.rc.config is very well commented and you should look at section number 6 for the information you are looking for. Austin On Tue, Oct 23, 2001 at 08:54:34AM -0700, Traci Ben-Saad wrote:
This would be for the pool of addresses that are to be masqueraded. I will not be using DHCP on this particular server. It will basically be acting as a bastion host providing packet filtering and NAT. I am also going to be using SuSe Firewall 2, but is this set up with the IP_MASQ portion and then you just fill in the private addresses mapped out to teh public address...similar to how it is done on a router, or is it setup differently in here?
Thank you for you help. Traci
-----Original Message----- From: Austin Morgan [mailto:admorgan@morgancomputers.net] Sent: Tuesday, October 23, 2001 8:53 AM To: suse-security@suse.com Subject: Re: [suse-security] NAT question
Traci, Are you talking about DHCP or are you talking about the pool of addresses that are to be masquaraded? If DHCP that is setup seperately on linux systems. I would suggest looking at the documentation for the DHCPD package that comes with SuSE. If you are refering to the address that are to be masquaraded, that is setup in your firewall script. Without knowing what script (I use SuseFirewall 2) or if you are writing your own I am afraid I can't give you an more detailed answer
Austin On Tue, Oct 23, 2001 at 06:23:05AM -0700, Traci Ben-Saad wrote:
Hi List:
I have a question regarding the setup of NAT with IPTables. This is the first time I have set anything like this up on a SuSE box or linux box, but have done it several times on routers and switches. The question I have is where do you setup the IP pool from which NAT draws its entries. I want to be able to do IP overloading, but do not know where to set this up. I know it is done in conjunction with IP Masquerading, but just don't know where the entries should go.
Anyone, help!
Thanks Traci --
| \/ |/ ___/ ___| Austin Morgan | |\/| | | \___ \ Morgan Computer Services | | | | |___ ___) | 501-857-1189 |_| |_|\____|____/ www.morgancomputers.net