Same IP address on Either side of NAT.

David Chambers davidc@ccmi.salk.edu
Thu, 3 Jan 2002 08:15:05 -0800


I know there have been a couple of replies on the list already, but
I thought I would put in my $0.02 as well :-)

You could also take a look at the bridge-netfilter patches
( http://bridge.sf.net/ ).  I'm using this scheme at work and it
works very well.  Unless I misunderstood your mail, it looks like this
is exactly what you want.  Currently I'm using the old ipchains system
with kernel 2.2, but as soon as time permits I'm going to give 2.4 a go
with iptables, now that the bridging/iptables code seems to be up to
snuff.

Regards,

David


On 02 Jan 2002 13:30:10 -0800
Chris Murray <cmurray@stargate.ca> wrote:

> Hi All - 
> 
> I have a need to replace a PIX with a Linux box running iptables. I was
> wondering if there is anything that would prevent me from doing the
> following:
> 
>                |          |
> Public         | Firewall |     Private Network
> x.x.x.0/24     |          |     x.x.x.0/24
> 
> The live IP addresses on the outside of the firewall actually match the
> internal IP addresses on the inside of the firewall. I need to be able
> to do this in iptables to replace the PIX.
> 
> Is this possible?
> 
> Thanks - Chris
> 
> -- 
> Chris Murray                    Network Services Specialist
> cmurray@stargate.ca             Stargate Connections, Inc.
> http://www.stargate.ca/         ph. +1 (604) 606-8988