[oclug] iptables NAT + routing problem
Bill Strosberg
bill at strosberg.com
Tue Mar 19 18:36:24 EST 2002
On Tue, 19 Mar 2002, Adrian Chung wrote:
> The output of:
>
> - iptables -t nat -nvL
> - iptables -t -nvL
>
> would help too. :)
If the routable public IP addresses are behind a dual homed firewall,
and not physically connected to the Ethernet segment where the DSL modem
is, you will have to proxy-ARP for them from the firewall box. The ISTOP
router is assuming the IPs are on the same segment, and will not see them
until there is a valid ARP response.
This is in addition to the NAT rules necessary in iptables.
See man proxy-arp.
--
Bill Strosberg
-----------------------------------------
bill -at- strosberg -dot- com
bill -dot- strosberg -at- rcpsc -dot- edu
More information about the OCLUG
mailing list