Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Traffic redirection using SuSEFirewall2
  • From: Manuel Balderrábano <garibolo@xxxxxxxxxx>
  • Date: Thu, 4 Mar 2004 13:53:11 +0100
  • Message-id: <200403041353.11972.garibolo@xxxxxxxxxx>
Hi to all.

I am using SuSEfirewall2 under SuSE 9.0.

The firewall has three interfaces, for the EXT, INT and DMZ zones. Every
address I use for the DMZ and INT zones are private (192.168.x.y).

All traffic from the INT to the EXT and from the EXT to the DMZ interfaces is
masqueraded.

All traffic betwen the EXT and INT interfaces is OK, but I have a problem with
the DMZ.

I have an apache web server connected to the DMZ interfaz, using a crossover
RJ-45. My problem is that all trafic is logged as coming from the firewall
IP. It works perfectly, but I dont like the idea of not beeing able to log
conections. Also I don't know if cookies will be handled correctly for each
connection.

I know this is because I masquerade all traffic going towards the DMZ, but I
wonder if there is any way to do a port redirection using SuSEFirewall2.

By port redirection I mean that all traffic coming to a specific port of the
firewall will be redirected to a specific server on the DMZ zone, I think
this is called circuit-level forwarding.

Thanks in advance.



< Previous Next >
This Thread
  • No further messages