From: sangprabv <san...@gm...> - 2010-05-25 07:22:48
|
Dear list, Due to lack of hardware I must run a http based application on my firewall which is listen on 1.2.3.5. Therefore I add one public virtual IP on it. All I want is whenever the application hit to my partner side it must read as 1.2.3.5. But the problem now is my partner read the connection comes from 1.2.3.4 instead of 1.2.3.5. How to manipulate this situation? Thanks alot. sangprabv san...@gm... |
From: Tom E. <te...@sh...> - 2010-05-25 13:06:07
Attachments:
signature.asc
|
On 5/25/10 12:22 AM, sangprabv wrote: > Dear list, Due to lack of hardware I must run a http based > application on my firewall which is listen on 1.2.3.5. Therefore I > add one public virtual IP on it. All I want is whenever the > application hit to my partner side it must read as 1.2.3.5. But the > problem now is my partner read the connection comes from 1.2.3.4 > instead of 1.2.3.5. How to manipulate this situation? Thanks alot. I'm very unclear about what problem you are trying to solve but it sounds like you need an entry in /etc/shorewall/masq. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |
From: sangprabv <san...@gm...> - 2010-05-26 01:50:19
|
Hi Tom, Thanks for the reply. OK I will try to explain more :) I have these eth configurations on my firewall: My WAN eth0 1.2.3.4 eth0:5 1.2.3.5 eth0:6 1.2.3.6 My LAN eth1 192.168.1.1 I register eth0:5 (1.2.3.5) that will be used by my application A and eth0:6 (1.2.3.6) that will be used by my application B. Both applications are in my firewall. When I try to connect to my partner using application A and B, it always detected as eth0 (1.2.3.4) rather then eth0:5 (1.2.3.5) and eth0:6 (1.2.3.6). I also have add this rule in masq: eth0:5 192.168.1.1 1.2.3.5 tcp 15000 eth0:6 192.168.1.1 1.2.3.6 tcp 15000 sangprabv san...@gm... On May 25, 2010, at 8:05 PM, Tom Eastep wrote: > On 5/25/10 12:22 AM, sangprabv wrote: >> Dear list, Due to lack of hardware I must run a http based >> application on my firewall which is listen on 1.2.3.5. Therefore I >> add one public virtual IP on it. All I want is whenever the >> application hit to my partner side it must read as 1.2.3.5. But the >> problem now is my partner read the connection comes from 1.2.3.4 >> instead of 1.2.3.5. How to manipulate this situation? Thanks alot. > > I'm very unclear about what problem you are trying to solve but it > sounds like you need an entry in /etc/shorewall/masq. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ > > _______________________________________________ > Shorewall-users mailing list > Sho...@li... > https://lists.sourceforge.net/lists/listinfo/shorewall-users |
From: Tom E. <te...@sh...> - 2010-05-26 02:07:25
Attachments:
signature.asc
|
On 5/25/10 6:50 PM, sangprabv wrote: > Hi Tom, > Thanks for the reply. OK I will try to explain more :) > I have these eth configurations on my firewall: > My WAN > eth0 1.2.3.4 > eth0:5 1.2.3.5 > eth0:6 1.2.3.6 > > My LAN > eth1 192.168.1.1 > > I register eth0:5 (1.2.3.5) that will be used by my application A and eth0:6 (1.2.3.6) that will be used by my application B. Both applications are in my firewall. When I try to connect to my partner using application A and B, it always detected as eth0 (1.2.3.4) rather then eth0:5 (1.2.3.5) and eth0:6 (1.2.3.6). > I also have add this rule in masq: > eth0:5 192.168.1.1 1.2.3.5 tcp 15000 > eth0:6 192.168.1.1 1.2.3.6 tcp 15000 Which proves that you have looked at the documentation but haven't read it. The :5 and :6 in the first column don't do anything. -Yom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |
From: Tom E. <te...@sh...> - 2010-05-26 02:17:25
Attachments:
signature.asc
|
On 5/25/10 6:50 PM, sangprabv wrote: > Hi Tom, > Thanks for the reply. OK I will try to explain more :) > I have these eth configurations on my firewall: > My WAN > eth0 1.2.3.4 > eth0:5 1.2.3.5 > eth0:6 1.2.3.6 > > My LAN > eth1 192.168.1.1 > > I register eth0:5 (1.2.3.5) that will be used by my application A > and eth0:6 (1.2.3.6) that will be used by my application B. Both applications are in my firewall. When I try to connect to my partner using application A and B, it always detected as eth0 (1.2.3.4) rather then eth0:5 (1.2.3.5) and eth0:6 (1.2.3.6). > I also have add this rule in masq: > eth0:5 192.168.1.1 1.2.3.5 tcp 15000 > eth0:6 192.168.1.1 1.2.3.6 tcp 15000 You also say that you have added these rules; what appears before them? Like in almost all Shorewall configuration files, the first rule that matches a connection determines the outcome. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |
From: sangprabv <san...@gm...> - 2010-05-26 02:31:36
|
I think I have found the solution. Modifying the masq file into: eth0:5:1.2.3.5 1.2.3.4 1.2.3.5 tcp 15000 eth0:6:1.2.3.6 1.2.3.4 1.2.3.6 tcp 15000 It works now. Many thanks Tom. sangprabv san...@gm... On May 26, 2010, at 9:08 AM, Tom Eastep wrote: > On 5/25/10 6:50 PM, sangprabv wrote: >> Hi Tom, >> Thanks for the reply. OK I will try to explain more :) >> I have these eth configurations on my firewall: >> My WAN >> eth0 1.2.3.4 >> eth0:5 1.2.3.5 >> eth0:6 1.2.3.6 >> >> My LAN >> eth1 192.168.1.1 >> >> I register eth0:5 (1.2.3.5) that will be used by my application A >> and > eth0:6 (1.2.3.6) that will be used by my application B. Both > applications are in my firewall. When I try to connect to my partner > using application A and B, it always detected as eth0 (1.2.3.4) rather > then eth0:5 (1.2.3.5) and eth0:6 (1.2.3.6). > >> I also have add this rule in masq: >> eth0:5 192.168.1.1 1.2.3.5 tcp 15000 >> eth0:6 192.168.1.1 1.2.3.6 tcp 15000 > > You also say that you have added these rules; what appears before them? > Like in almost all Shorewall configuration files, the first rule that > matches a connection determines the outcome. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ > > _______________________________________________ > Shorewall-users mailing list > Sho...@li... > https://lists.sourceforge.net/lists/listinfo/shorewall-users |