Re: Iptable NAT problem - DONE!

To: Mike Mestnik <cheako911@yahoo.com>
Cc: Pradeeper <pradeeper@yahoo.com>, Debian-Firewall <debian-firewall@lists.debian.org>
Subject: Re: Iptable NAT problem - DONE!
From: Pradeeper <pradeeper@unionb.com>
Date: Wed, 11 Aug 2004 10:21:35 +0600
Message-id: <[🔎] 1092198094.9623.246.camel@Neo>
Reply-to: pradeeper@unionb.com
In-reply-to: <[🔎] 20040810181002.14657.qmail@web11906.mail.yahoo.com>
References: <[🔎] 20040810181002.14657.qmail@web11906.mail.yahoo.com>

Hi Mike

On Wed, 2004-08-11 at 00:10, Mike Mestnik wrote:
> You need to "ifconfig eth0:1 up 203.94.71.36", this will cause arp replys
> to be sent and the IP(protocol) stack to accept data for that IP.  Then
> your "iptables -i eth0:1 -j DNAT" cmds will work nicely, without any SNATS
> as it's assumed that replys will need to come from 203.94.71.36.

It worked! Thanks!

Is there a security issue with this method?
My senior partner says it's not a good method to do this (but he is run
out of an idea ;-)) Is it true?
Do you have any documentation regarding this (security issue of this
method)?

Thanks!

Pradeeper

Reply to:

Follow-Ups:
- Re: Iptable NAT problem - DONE!
  - From: Mike Mestnik <cheako911@yahoo.com>

References:
- Re: Iptable NAT problem
  - From: Mike Mestnik <cheako911@yahoo.com>

Prev by Date: Re: Iptable NAT problem
Next by Date: Re: Iptable NAT problem
Previous by thread: Re: Iptable NAT problem
Next by thread: Re: Iptable NAT problem - DONE!
Index(es):
- Date
- Thread