From: Friedrich L. <fl...@fl...> - 2004-01-16 00:18:51
|
t....@co... wrote on 16.01.2004 00:54 MET: >Friedrich Lobenstock wrote: >> >>Set up a the route in ifcfg-eth2 (yes, eth2 NOT eth0!) >> ROUTE="$ROUTE 217.33.42.211:192.168.3.17" >>(remove the ROUTE line from eth0!) >> >>Set an ARP entry on eth0 >> arp -i eth0 -s 217.33.42.211 XX:XX:XX:XX:XX:XX pub >> >>with XX:XX:XX:XX:XX:XX beeing the MAC address of eth0 >>which should attract all the traffic for 217.33.42.211 >>to your host and then the routing table jumps in. >> >>Don't forget to set an entry in the FORWARD table via >>iptables. > > Does DL support IP aliases? That's how my SnapGear linux > based firewall does it, just set two IP's on eth0, then > add a forwarding rule to the NAT. I suppose it does the > same thing but seems a bit cleaner somehow. Of course it does support ip aliases. Just create ifcfg-eth0:0 and set "DEVICE=eth0:0" in there. But besides setting an ip alias they will need two iptables rules instead of one, one in the PREROUTING table and the other one like me in the FORWARD table. And of course the routing entry mentioned above. Or am I wrong here? If they do it like that then this is basically the same a saying "why do it the easy way if we can do it the complicated one" ;-) [translated saying from German] -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock Linux Services Lobenstock URL: http://www.lsl.at/ Email: fl...@fl... ____________________________________________________________________ |