From: Friedrich L. <fl...@fl...> - 2003-04-03 11:06:34
|
Hi! Theunis Botha wrote: > Hi guys.. (and girls?) > > I am in a particular situation where, i cannot specify a default gateway > on an ISDN LAN modem since it doesn't support that functionality. > > It sort off 'Terminates' a network. > It makes the network you are reaching by dialing into it from outside, > "THE ULTIMATE DESTINATION" > > But now, i want "ALTERNATE DESTINATION" ;) > > see, if they ping 192.168.0.1 (living on the network they just dialed > into), which happened to be the server, > i want to put the FW as 192.168.0.1, and then forward all the packets to > the "REAL" server and back. > > And then i want to obviously filter the packets with my nifty firewall > rules. > > Any ideas? > > In my mind, it looks something like this : > > 192.168.0.1(server) > | > 192.168.0.3(FW) eth0 > 192.168.0.1(FW) eth1 > | > 192.168.0.3(ISDN LAN modem) > > Oh, and the server must think the FW is the Modem, since the network is > setup to forward stuff to 0.3, and changing this simple > thing would cause havoc at about 10 places at the same time. > > (and it actually does get a bit more complicated, but in basic, that is > the problem.) I suggest reading a book about routing. Your setup can only work in the transparent bridging mode of the firewall. But you won't need that. Can you describe your setup a little more? From what I read I think that you are actually trying to do this: 192.168.1.1(server) | | 192.168.1.3(FW) eth0 192.168.0.1(FW) eth1 | | 192.168.0.3(ISDN LAN modem) external IP (provided by ISP) | | Internetserviceprovider (ISP) You want to reach a service runnning on your server and configure your ISDN router (it can't be a modem as it connects via Ethernet to your firewall) to forward a specifiy port from its external interface to the Firewall (IP 192.168.0.1). There you configure iptables DNAT and forwarding rules to finaly forward this port to your server. So you do not need to configure any extra routing entry on your ISDN router. > > Oh, and does ssh and sshd work on dl0.44? BTW 0.5 is the current release and 0.6 is comming to pre release state soon. -- MfG / Regards Friedrich Lobenstock ____________________________________________________________________ Friedrich Lobenstock Linux Services Lobenstock URL: http://www.lsl.at/ Email: fl...@fl... ____________________________________________________________________ |