
ADSL, routing, firewall question



Hi

A friend of mine asked me to set up a firewall with an old P90 he had spare when his ADSL connection was installed. Last week the cable guy came and then we spent some time setting things up in a preliminary fashion.

The ISP normally provides a fixed IP number (yes!) and I thought a standard setup with two Ethernet cards, no services in the firewall, and filtering with IPCHAINS would do the trick. And it does. (kernel 2.2.19, is it (yet) worth changing to woody/sid and 2.4.x with netfilter?)

The interesting part is that he asked them for three fixed IP numbers and got them (hallelujah!)

My question is now: How to forward (route) the incoming traffic to the two other IP addresses to specific machines on the inside? (after due filtering of course)

I suppose one could ask the ISP to send the traffic to two of the addresses to the third, which then could filter and send them on as a router, but they seem unwilling to arrange this.

IP aliasing is possible so that the firewall with one Ethernet card on the outside at least gets the packets, but it appears that IP-Masquerade cannot masquerade from aliased network connections, only physical ones.

So how to catch and process the incoming packets in an effective and secure way?

Any clever ideas?

Anders


