RE: Ip Forwarding - William Olbrys

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "William Olbrys" <william_olbrys@student.uml.edu>
To: netfilter@lists.netfilter.org
Subject: RE: Ip Forwarding
Date: Sat, 22 Feb 2003 09:57:30 -0500	[thread overview]
Message-ID: <000501c2da82$bc93ed50$0200a8c0@grandaddy> (raw)
In-Reply-To: <000001c2da0c$0006e5f0$0200a8c0@grandaddy>

Was this too complicated? Heh that's why I wrote such a generic
questions

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org] On Behalf Of William Olbrys
Sent: Friday, February 21, 2003 7:48 PM
To: netfilter@lists.netfilter.org
Subject: RE: Ip Forwarding

Well I want to put a windows 2000 domain controller behind my
iptables-enabled redhat 8 box. The domain controller had a static ip
before it went behind the firewall and for Active Directory to work
correctly it HAS to stay that way. I spent days and days trying
otherwise but windows is far too stubborn. AD plus legacy support for
WINS makes nat translation a living hell. So I simply set up all my
rules as default accept and let it fly, hoping that the forwarding would
take care of itself. Essentially it did! I could perform simple function
like connecting to the internet but I couldn't do more important
functions like cruise the windows network or have things join/leave/see
the domain behind this iptables enabled box.  I thought it had something
to do with routers not seeing the right ip address as it leaves the
iptables box or the routers not being able to find its way back to this
box behind the firewall.

It struck that while I wrote this complicated email I may have come up
with a solution. Since the static IP of the win2k box is the same and
only the gateway has changed, then the data it sends will be legitimate
concerning it's IP address(not an internal IP). Could I create an alias
at the outbound NIC level for the win2k's IP address and SNAT packets
leaving the outbound NIC that originated from the win2k box?

Thank you for any help.

P.S. I'm sorry to ask such a complicated question. I am new to Linux for
the most part and have a very basic understanding of networking. No I am
not a Hotmail employee :)

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org] On Behalf Of Willi Dyck
Sent: Friday, February 21, 2003 7:28 PM
To: netfilter@lists.netfilter.org
Subject: Re: Ip Forwarding

On Fri, Feb 21, 2003 at 06:46:03PM -0500, William Olbrys wrote:
> Is it possible to just forward the IP addresses?

Yes.

> That way my iptables/gateway box WONT change the ips and JUST act like
> a firewall? Using SNAT and DNAT is too complicated with windows.

Please provide more detailed information, so we can help.

Regards

-- 
Willi Dyck

 E2-I: The presence of this footer indicates the message has been
scanned for viruses by the WebShield e500.

 E2-O: The presence of this footer indicates the message has been
scanned for viruses by the WebShield e500.

 E2-I: The presence of this footer indicates the message has been
scanned for viruses by the WebShield e500.

 E2-O: The presence of this footer indicates the message has been scanned for viruses by the WebShield e500.

next prev parent reply	other threads:[~2003-02-22 14:57 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-02-21 23:46 Ip Forwarding William Olbrys
2003-02-22  0:28 ` Willi Dyck
2003-02-22  0:47   ` William Olbrys
2003-02-22 14:57     ` William Olbrys [this message]
2003-02-23  3:43       ` Bjorn Ruberg
2003-02-23 21:38         ` Willi Dyck
  -- strict thread matches above, loose matches on Subject: below --
2012-01-27  9:59 IP forwarding Prashant Batra (prbatra)
2005-10-21 21:22 IP Forwarding Jerry Alexander
2005-10-22 12:53 ` Henrik Nordstrom
2005-10-22 13:11 ` Aseem Rastogi
2005-08-04  1:37 IP forwarding Ricardo J. Méndez
2005-08-04  4:15 ` Gömöri Zoltán
2005-08-04  5:02   ` curby .
2005-08-04 18:42     ` Ricardo J. Méndez
2005-08-04 21:33       ` curby .
2005-08-04 22:20         ` Ricardo J. Méndez
2005-08-04  7:55   ` Jan Engelhardt
2005-08-04 16:22 ` Patrick Nelson
2005-08-04 18:19   ` Ricardo J. Méndez
2005-08-04 19:54     ` Patrick Nelson
2005-08-04 19:33 ` Jason Opperisano
     [not found] <20041028172521.3B3CB672@mail.817west.com>
2004-10-28 18:26 ` Ip Forwarding Jason Opperisano
2004-10-30 10:55   ` Nick Drage
2004-10-30 15:25     ` Jason Opperisano
2004-10-30 17:29       ` Nick Drage
2004-10-28 17:23 Joe Wright
2002-09-28  4:22 IP forwarding SB CH
2002-09-28  7:27 ` Antony Stone

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='000501c2da82$bc93ed50$0200a8c0@grandaddy' \
    --to=william_olbrys@student.uml.edu \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.