From: Sven Schuster <schuster.sven@gmx.de>
To: "Ashley M. Kirchner" <ashley@pcraft.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Re: iptables problem (nfcan: addressed to exclusive sender for this address)
Date: Thu, 3 Nov 2005 17:23:47 +0100 [thread overview]
Message-ID: <20051103162346.GA31304@zion.homelinux.com> (raw)
In-Reply-To: <436A34B2.1080909@pcraft.com>
[-- Attachment #1: Type: text/plain, Size: 1107 bytes --]
Hi Ashley,
On Thu, Nov 03, 2005 at 09:02:58AM -0700, Ashley M. Kirchner told us:
> And I can't tell the other company to send data to separate IPs
> either because their system works based on the packet they first receive
> when the kiosk contacts them. Which goes back to my point above (about
> putting the kiosks outside the firewall.)
you say "their" system works based on the packet they first receive
when contacting them. So with multiple IPs, wouldn't it work to let
each kiosk contact the server via its own IP address via SNAT??
E.g. kiosk 1 which is internally 1.2.3.4 gets natted to the public
ip 5.6.7.8, so when it contacts the server it will establish a
connection back to 5.6.7.8 which will in turn be DNATted to 1.2.3.4.
kiosk 2 (1.2.3.5) --> 5.6.7.9
and so on...
I haven't read the whole thread, so it might be that I missed
something :-)
Wouldn't this work??
HTH
Sven
--
Linux zion.homelinux.com 2.6.14-rc5-mm1_14 #14 Wed Nov 2 11:36:18 CET 2005 i686 athlon i386 GNU/Linux
17:19:16 up 1 day, 5:25, 2 users, load average: 0.38, 0.18, 0.07
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2005-11-03 16:23 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-01 18:06 iptables problem Ashley M. Kirchner
2005-11-02 0:31 ` Buddy wu
2005-11-02 1:29 ` Ashley M. Kirchner
2005-11-02 1:37 ` Buddy wu
2005-11-02 5:56 ` Rob Sterenborg
2005-11-02 7:20 ` Nikolai Georgiev
2005-11-02 8:01 ` Rob Sterenborg
2005-11-02 22:49 ` Ashley M. Kirchner
2005-11-03 6:19 ` Rob Sterenborg
2005-11-03 6:45 ` Ashley M. Kirchner
2005-11-03 15:21 ` Re: iptables problem (nfcan: addressed to exclusive sender for this address) Jim Laurino
2005-11-03 16:02 ` Ashley M. Kirchner
2005-11-03 16:23 ` Sven Schuster [this message]
2005-11-03 17:17 ` Re: iptables problem (nfcan: addressed to exclusivesender " Rob Sterenborg
2005-11-03 17:00 ` Re: iptables problem (nfcan: addressed to exclusive (nfcan: addressed to exclusive sender for this address) sender " Jim Laurino
2005-11-03 19:57 ` Ashley M. Kirchner
2005-11-04 5:00 ` Re: iptables problem (nfcan: addressed to exclusive (nfcan: addressed to exclusive sender for this address) " Jim Laurino
2005-11-04 5:06 ` Ashley M. Kirchner
2005-11-04 6:04 ` Rob Sterenborg
2005-11-03 21:54 ` Re: iptables problem R. DuFresne
2005-11-04 0:51 ` Ashley M. Kirchner
2005-11-04 3:18 ` R. DuFresne
2005-11-04 4:26 ` Ashley M. Kirchner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051103162346.GA31304@zion.homelinux.com \
--to=schuster.sven@gmx.de \
--cc=ashley@pcraft.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox