Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Connecting firewall directly to router ...
  • From: Ray Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 5 Dec 2001 12:00:09 +0200
  • Message-id: <20011205095756.EAC90E6591@xxxxxxxxxxxx>
On Mon 03 Dec 01 22:12, Søren Kent Jensen wrote:
> I too had problems with proxy arp.
> I got it to work (with help) by doing a 'arp -i eth0 -s
> 00:00:00:00:00:00 pub Where eth0 is the outside if and is
> the outside IP address. And of cause the correct MAC address of that
> interface. But it dident work before I added a route!!!! 'route add -host
> eth1' Where eth1 is the inside of my firewall.
> Hope you can make it work.
> Regards
> Søren Kent Jensen


I've tried several things to get this to work. Does my DMZ have to have
public IPs for this to work?

I've done this :
iptables -t nat -A PREROUTING -p tcp --dport 80 -d -j DNAT
arp -i eth0 -s 00:01:02:50:B8:9E pub
echo "1" > /proc/sys/net/ipv4/conf/eth0/proxy_arp

This didn't work. I still get arp requests for from the router at, but my firewall ( does not answer them.

I tried to add a route for to route via (DMZ

Any more ideas?


< Previous Next >