From: Rudi Starcevic <tech@wildcash.com>
To: netfilter@lists.netfilter.org
Subject: Re: Fwd: Route packets from an interface to another
Date: Mon, 12 Sep 2005 08:06:21 -0700 [thread overview]
Message-ID: <4325996D.2070801@wildcash.com> (raw)
In-Reply-To: <65aa6af9050911145833fa12fd@mail.gmail.com>
Edmundo,
> Is that of any help?
Indeed yes ... many thanks.
> I will assume you want to be able to have traffic between your two lans, right?
Yes. Once that is in place I'm interested in restricting the IPs who
travers the two networks.
>
> I will delete your routing tables.
>
> I will flush all routing from the default table.
>
> Set eth0 and eth1:
> ifconfig eth0 blah blah
> ifconfig eth1 blah blah
>
> set the default gw
> ip route add default via gwIP
>
> let's enable forward between both interfaces:
> echo "1" > /proc/blah/blah/ip_forward
>
> I don't remember if eth0 is the lan with the internet router... or eth1
It's eth0.
>
> I will assume it's eth1 for this next paragraph.
>
> here's a thing you have to consider. If the boxes in the eth1 lan know
> how to reach the boxes in eth0 lan (that means, they know they have to
> use you as the router for that network), then you have to do nothing
> else. You will have traffic traversing between both networks. If they
> don't, then masquerade traffic going out eth1.
>
> There are a couple of aditional details.... but I guess that's the
> "core" of the problem.
Awesome .. thanks again .. just the advice I was hoping to gain.
I hope to build a ruleset that doesn't need Masquerading between
interfaces, but as we know that belongs to the LARTC list.
Regards,
Rudi.
next prev parent reply other threads:[~2005-09-12 15:06 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-09 19:51 Route packets from an interface to another Jonathan
2005-09-09 21:36 ` /dev/rob0
2005-09-09 21:18 ` Jonathan
2005-09-10 4:45 ` /dev/rob0
2005-09-10 7:54 ` /dev/rob0
2005-09-12 7:56 ` Jonathan
2005-09-13 1:45 ` /dev/rob0
2005-09-12 13:36 ` Rudi Starcevic
[not found] ` <65aa6af905091114314108597e@mail.gmail.com>
2005-09-11 21:32 ` Fwd: " Edmundo Carmona
2005-09-12 14:39 ` Rudi Starcevic
[not found] ` <65aa6af9050911145833fa12fd@mail.gmail.com>
2005-09-11 21:58 ` Edmundo Carmona
2005-09-12 15:06 ` Rudi Starcevic [this message]
[not found] ` <65aa6af9050911151962bc24a2@mail.gmail.com>
2005-09-11 22:20 ` Fwd: " Edmundo Carmona
2005-09-12 15:19 ` Rudi Starcevic
2005-09-11 21:34 ` /dev/rob0
2005-09-12 14:47 ` Rudi Starcevic
2005-09-12 14:51 ` Rudi Starcevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4325996D.2070801@wildcash.com \
--to=tech@wildcash.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox