Associate aliased IP address with server in DMZ (SNAT)

Linux firewall distribution geared towards home and SOHO users.

Status: Abandoned

Brought to you by: gespinasse, jackb_guppy, owes, riddles

#319 Associate aliased IP address with server in DMZ (SNAT)

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2006-06-13

Created: 2006-06-13

Creator:

Private: No

It could be very useful if certain servers in the DMZ
could have different IP addresses associated with them.
Many mail servers do a reverse DNS lookup when
contacted by another mail server and if the IP address
does not match the looked up address the mails are
marked as spam or just dropped.

Our firewall has IP address XXX.YYY.ZZZ.200 and all
servers in the DMZ seem (to the outside) to origin from
that address.

I manually added this:
iptables -t nat -A CUSTOMPOSTROUTING -o eth2 -s
10.0.1.251 -j SNAT --to-source XXX.YYY.ZZZ.251

..so that our mail server (10.0.1.251) externally seem
to have the XXX.YYY.ZZZ.251 address.

Discussion

Markus Hoffmann - 2006-06-17

Logged In: YES
user_id=1319917

Maybe this is what you're looking for ?

http://mh-lantech.css-hamburg.de/ipcop/download.php?view.154

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Associate aliased IP address with server in DMZ (SNAT)

Linux firewall distribution geared towards home and SOHO users.

Group

Searches

Help

#319 Associate aliased IP address with server in DMZ (SNAT)

Discussion