I want to have my cake and eat it too

To: debian-firewall@lists.debian.org,
Subject: I want to have my cake and eat it too
From: Ian Johnstone <ianj@westnet.com.au>
Date: Mon, 31 Mar 2003 18:10:33 +0800
Message-id: <[🔎] 5.1.0.14.2.20030331174528.00accb48@mail.westnet.com.au>

Hi

At my work we have the need to allow visitors to connect to the Internetfrom around our building.

We do not use DHCP internally. However, I'd like to configure DHCP forvisitors and assign them addresses in the 192.168.0.xxx space with agateway address of a Linux Server 192.168.0.10. I don't want visitors toknow of our internal network

The server runs Debian and a 2.4 kernel and has a single physical interfaceeth0. I have configured a virtual interface, so that eth0 answers on twoIP addresses

	135.90.195.10  (eth0)
	192.168.0.10  (eth0:1)

I had planned to use iptables to do NAT translations on the packetsreceived on eth0:1 and then forward them to eth0 for access to the Internet.

I've now learnt that this won't work since iptables deals with physicalinterfaces, so if I put a second ethernet card in the server then I couldiptables as I foolishly planned :-)

However, I really don't want to add another ethernet card. So my thoughtsnow are that I should be able to use iptables, but view it as a routingproblem. Before I go too far down this path, suggestions or pointers wouldbe appreciated.


Reagrds, ian

Reply to:

Follow-Ups:
- Re: I want to have my cake and eat it too
  - From: Jonathan Oxer <jon@ivt.com.au>

Prev by Date: HW Requierements+config question
Next by Date: Re: Please excuse, but I am not a router/firewall-guru...
Previous by thread: HW Requierements+config question
Next by thread: Re: I want to have my cake and eat it too
Index(es):
- Date
- Thread