From: Arthur van Leeuwen <arthurvl@sci.kun.nl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] routing to two interfaces
Date: Thu, 21 Nov 2002 08:27:55 +0000 [thread overview]
Message-ID: <marc-lartc-103786733102294@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103783300809624@msgid-missing>
On Wed, 20 Nov 2002, Paco Brufal wrote:
> Sorry if this question is very common, but I searched the
> maillist archive and didn't found an answer...
Did you read the HOWTO?
> I have a linux box with 3 interfaces, 2 of them have public IPs
> (eth1 and eth2), and the third is a private IP (our LAN). I want to do the
> following: if a packet is coming from eth1, it must be forwarded to eth0,
> and when it comes back, it must be routed to eth1. In case of packet comes
> from eth2, it must be forwarded to eth0, and the respose must be routed to
> eth2. In other words, a packet must leave our network by the interface it
> come.
Okay, given the fact that you are using private IP space in your LAN this
should be very doable using NAT and connection tracking. Read up on the
`Using multiple uplinks' sections in the HOWTO.
What I don't really understand though is that you seem to want to allow
connections from *outside* to either eth1 or eth2, routing those through to
the internal network, and then be able to route the stuff back. The only
simple solution to that problem I can see is to use application level proxies
on the firewall. Thereby you can suddenly let the application proxy handle the
correct forwarding and keep the necessary state on the firewall.
Doei, Arthur.
--
/\ / | arthurvl@sci.kun.nl | Work like you don't need the money
/__\ / | A friend is someone with whom | Love like you have never been hurt
/ \/__ | you can dare to be yourself | Dance like there's nobody watching
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-11-21 8:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-20 22:55 [LARTC] routing to two interfaces Paco Brufal
2002-11-20 23:05 ` Martin A. Brown
2002-11-20 23:26 ` Robert Felber
2002-11-20 23:34 ` Robert Felber
2002-11-20 23:45 ` Martin A. Brown
2002-11-21 0:04 ` Robert Felber
2002-11-21 0:09 ` Robert Felber
2002-11-21 0:27 ` Paco Brufal
2002-11-21 0:38 ` Paco Brufal
2002-11-21 3:37 ` Martin A. Brown
2002-11-21 8:27 ` Arthur van Leeuwen [this message]
2002-11-21 18:28 ` Paco Brufal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103786733102294@msgid-missing \
--to=arthurvl@sci.kun.nl \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.