Hi
If anybody can shed some light here ...
I have SuSE 7.2 with iptables 1.2.4.
This is my setup:

                 Internet host (INT1)
                         |
                         |
         Internet Router (66.8.45.161/28)
                         |
                         |
          eth0: 66.8.45.162   eth0:0: 66.8.45.171
Firewall ------ eth1: 192.168.1.1/24 ----- DMZ Web Server (192.168.1.3) (WEB1)
          eth2: 10.0.0.2
                         |
                         |
         Internal LAN Machine (10.0.0.67) (LAN1)

If I browse from LAN1 to WEB1 I get the expected web page.
If I ping eth0:0 (66.8.45.171) from an internet host I get a response.
If I browse eth0:0 (66.8.45.171) from an internet host (INT1), then this is what I see on the firewall logs:
Dec 10 12:49:32 firefly kernel: IN INT TO ORA1: IN=eth0 OUT= MAC=00:01:02:50:b8:9e:00:50:0f:0d:1c:76:08:00 SRC=196.38.2.133 DST=66.8.45.171 LEN=44 TOS=0x00 PREC=0x00 TTL=246 ID=33551 DF PROTO=TCP SPT=35511 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0
This is what I get from a tcpdump -i eth0 src or dst 66.8.45.171:
firefly:~ # tcpdump -n -i eth0 src or dst 66.8.45.171
Kernel filter, protocol ALL, datagram packet socket
tcpdump: listening on eth0
13:09:24.168125 196.38.2.133.35555 > 66.8.45.171.http: S 1553437572:1553437572(0) win 8760
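
An added example, not part of the original post: a small parser for the kernel LOG record quoted above, which also reports which iptables chains can produce a given IN=/OUT= combination. The function names are this example's own, and the chain mapping is general iptables LOG behaviour rather than anything stated in the post.

```python
import re

# Log line copied from the post above (one syslog record, wrapped here).
SAMPLE = (
    "Dec 10 12:49:32 firefly kernel: IN INT TO ORA1: IN=eth0 OUT= "
    "MAC=00:01:02:50:b8:9e:00:50:0f:0d:1c:76:08:00 SRC=196.38.2.133 "
    "DST=66.8.45.171 LEN=44 TOS=0x00 PREC=0x00 TTL=246 ID=33551 DF "
    "PROTO=TCP SPT=35511 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0"
)

# syslog header, then the rule's --log-prefix, then the KEY=VALUE body.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\skernel:\s"
    r"(?P<prefix>.*?)\s?(?P<body>IN=\S*\sOUT=.*)$"
)

def parse_netfilter_log(line):
    """Split a netfilter LOG record into prefix, KEY=VALUE fields and bare flags."""
    m = LINE_RE.match(line.strip())
    if m is None:
        raise ValueError("not a netfilter LOG line")
    fields, flags = {}, []
    for token in m.group("body").split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value      # "OUT=" yields an empty string
        else:
            flags.append(token)      # bare words such as DF, SYN, ACK
    return {"host": m.group("host"), "prefix": m.group("prefix"),
            "fields": fields, "flags": flags}

def candidate_chains(rec):
    """Chains whose LOG rule could have produced this IN=/OUT= combination."""
    has_in, has_out = bool(rec["fields"].get("IN")), bool(rec["fields"].get("OUT"))
    if has_in and has_out:
        return ["FORWARD"]
    if has_in:
        return ["PREROUTING", "INPUT"]
    if has_out:
        return ["OUTPUT", "POSTROUTING"]
    return []

def is_initial_syn(rec):
    """True for a TCP connection attempt: SYN set, ACK not set."""
    return (rec["fields"].get("PROTO") == "TCP"
            and "SYN" in rec["flags"] and "ACK" not in rec["flags"])

if __name__ == "__main__":
    rec = parse_netfilter_log(SAMPLE)
    print(rec["prefix"], rec["fields"]["DST"], rec["fields"]["DPT"])
    print("logged in:", candidate_chains(rec), "initial SYN:", is_initial_syn(rec))
```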