Re: [Devil-Linux-discuss] Forwarding problem

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi!

Theunis Botha wrote:
> Hi guys.. (and girls?)
>  
> I am in a particular situation where, i cannot specify a default gateway 
> on an ISDN LAN modem since it doesn't support that functionality.
>  
> It sort off 'Terminates' a network.
> It makes the network you are reaching by dialing into it from outside, 
> "THE ULTIMATE DESTINATION"
>  
> But now, i want "ALTERNATE DESTINATION" ;)
>  
> see, if they ping 192.168.0.1 (living on the network they just dialed 
> into), which happened to be the server,
> i want to put the FW as 192.168.0.1, and then forward all the packets to 
> the "REAL" server and back.
>  
> And then i want to obviously filter the packets with my nifty firewall 
> rules.
>  
> Any ideas?
>  
> In my mind, it looks something like this :
>  
> 192.168.0.1(server)
> |
> 192.168.0.3(FW) eth0
> 192.168.0.1(FW) eth1
> |
> 192.168.0.3(ISDN LAN modem)
>  
> Oh, and the server must think the FW is the Modem, since the network is 
> setup to forward stuff to 0.3, and changing this simple
> thing would cause havoc at about 10 places at the same time.
>  
> (and it actually does get a bit more complicated, but in basic, that is 
> the problem.)

I suggest reading a book about routing. Your setup can only work in
the transparent bridging mode of the firewall. But you won't need
that.

Can you describe your setup a little more? From what I read
I think that you are actually trying to do this:

192.168.1.1(server)
    |
    |
192.168.1.3(FW) eth0
192.168.0.1(FW) eth1
    |
    |
192.168.0.3(ISDN LAN modem)
external IP (provided by ISP)
    |
    |
Internetserviceprovider (ISP)

You want to reach a service runnning on your server and configure
your ISDN router (it can't be a modem as it connects via Ethernet to
your firewall) to forward a specifiy port from its external interface
to the Firewall (IP 192.168.0.1). There you configure iptables DNAT
and forwarding rules to finaly forward this port to your server.
So you do not need to configure any extra routing entry on your ISDN
router.

>  
> Oh, and does ssh and sshd work on dl0.44?

BTW 0.5 is the current release and 0.6 is comming to pre release
state soon.

-- 
MfG / Regards
Friedrich Lobenstock
____________________________________________________________________
Friedrich Lobenstock                       Linux Services Lobenstock
URL: http://www.lsl.at/                         Email: fl...@fl...
____________________________________________________________________