From: J Webb <jon_webb@binary-one.com>
To: netfilter-devel@lists.netfilter.org
Subject: Re: Can iptables do this?
Date: Wed, 11 Jun 2003 21:05:59 -0700 [thread overview]
Message-ID: <3EE7FC27.4060605@binary-one.com> (raw)
In-Reply-To: <see85e4d.066@gwia>
That is more of a Mobile-IP type issue. A laptop with any old ip address
will not be able to talk to the rest of your network (or gateway)
properly unless it has an IP on that network. ARP, among other things,
will be completely broken. The laptops with the pre-configured static
IP's would have to set themselves to use your internal gateway, and
unless they are in the same network, they will have no route to that, or
any other, host. I believe IPTables can't help you here.
- Jon
Wei Ming Long wrote:
>Hi Everyone,
>I have posted this question before but got no response, so I'm posting it
>again, please pardon me if you have seen this before.
>I have a wireless network with my linux machine as a gateway between the
>internet & my internal wireless network. I have iptables running on the
>gateway & also a dhcp server to serve out ip addresses to the client laptops.
>I also run the Squid proxy server on the gateway to proxy http requests. I use
>iptables to redirect http traffic to Squid and to do nat for the internal
>network.
>My question is this: what if a laptop with a preconfigured static ip address
>comes into the internal network or worse, 2 client laptops with identical
>preconfigured static ip addresses enter into network, can iptables do nat
>based on mac address <--> public ip address mapping besides the usual private
>ip address <--> public ip address mapping?
>
>Please help. Thanks.
>
>Best regards
>Matthew
>
>
>
next prev parent reply other threads:[~2003-06-12 4:05 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-12 3:04 Can iptables do this? Wei Ming Long
2003-06-12 4:05 ` J Webb [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-01-02 17:19 public ip on LAN Amit Pasari
2004-01-02 17:27 ` Fabien LE BLEVEC
2004-01-02 18:30 ` Craig Steadman
2004-01-02 18:46 ` Michael Gale
2004-01-02 19:07 ` Can iptables do this ? Ramoni
2004-01-02 19:19 ` Antony Stone
2003-06-12 7:33 Can iptables do this? Wei Ming Long
2003-06-13 15:17 ` Harald Welte
[not found] <OFE9A4EDE9.418F3246-ONC1256BC0.0035D17B-C1256BC0.0035D196@upc.es>
[not found] ` <200205211157.MAA18294@slate.rockstone.co.uk>
2002-05-21 12:27 ` can " Sven Koch
2002-06-13 17:25 ` Antony Stone
[not found] ` <3CEA8069.EA2F5F84@spamless.genwax.com>
[not found] ` <200205211742.SAA19742@slate.rockstone.co.uk>
2002-05-21 23:48 ` Edu
[not found] <OF48E1B4A6.4F38281F-ONC1256BBF.004241A8-C1256BBF.004241D4@upc.es>
[not found] ` <200205201336.OAA14181@slate.rockstone.co.uk>
2002-05-20 17:05 ` Can " eduardg
2002-05-20 10:23 eduardg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3EE7FC27.4060605@binary-one.com \
--to=jon_webb@binary-one.com \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.