I have a firwall machine that is also my name server, connected to the internet by semi-permanent PPP links. I have fixed addresses for each end of the PPP link (defined by the ISP), and my own C-class address space for the network: {World}---ISP_ADDR_1:ppp:ISP_ADDR_2---My_Machine(DNS)---MY_ADDR:eth0:---masq network (I hope that makes sense). The masqueraded network is in the same C-class address space as MY_ADDR. This works fine with SuSEfirewall 4.x, but when I try to use SuSEfirewall2, packets sent from the ourside world to my server at MY_ADDR get dropped. The tables seem require that all INPUT traffic be addressed to ISP_ADDR_2. Is there any simple way to allow the server address to be treated in the same way as the ppp link address? ie. allow telnet/www/smtp connections to www.MY_HOST_NAME.com, where www.MY_HOST_NAME.com resolves to MY_ADDR? ---------------------------------------------------------------- Philip Warner | __---_____ Albatross Consulting Pty. Ltd. |----/ - \ (A.B.N. 75 008 659 498) | /(@) ______---_ Tel: (+61) 0500 83 82 81 | _________ \ Fax: (+61) 0500 83 82 82 | ___________ | Http://www.rhyme.com.au | / \| | --________-- PGP key available upon request, | / and from pgp5.ai.mit.edu:11371 |/
participants (1)
-
Philip Warner