Menu
▾
▴
Re: [Shorewall-users] Order of nat_out and masq
|
From: Tom E. <te...@sh...> - 2002-08-25 02:15:40
|
On Saturday 24 August 2002 06:55 pm, Tom Eastep wrote: > On Saturday 24 August 2002 06:36 pm, Tom Eastep wrote: > > On Saturday 24 August 2002 06:07 pm, Joseph T Watson wrote: > > > Is there a way to switch the order that nat and masq happen in the > > > POSTROUTING table? > > > > Yes -- set the ALL INTERFACES column to "No" in /etc/shorewall/nat. > > But I don't understand why you insist on having your local servers > communicate with each other through your firewall. That's really a > ill-advised approach. Of course the best solution (I think) for your situation is to use Proxy ARP. Your servers each have ONE IP address so none of the problems we've been discussing ever come up... -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ te...@sh... |