Hi, I have a subnet block, 200.x.y.128/28. My router is -> 200.x.y.129/28 My shorewall is -> 200.x.y.130/28 (eth0) I need to make a NAT, from 200.x.y.135, port 80 to 192.168.x.22, port 80 I need to assing 200.x.y.135 as eth0:1 ? Or can I make another mode ? How Can I make it ? Best regards, Anderson.
Anderson do Carmo de Oliveira wrote:> Hi, > > > I have a subnet block, 200.x.y.128/28. > > My router is -> 200.x.y.129/28 > My shorewall is -> 200.x.y.130/28 (eth0) > > I need to make a NAT, from 200.x.y.135, port 80 to 192.168.x.22, port 80 > > I need to assing 200.x.y.135 as eth0:1 ? Or can I make another mode ? > > How Can I make it ?I suggest that you look at: http://www.shorewall.net/shorewall_setup_guide.htm http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Tom Eastep wrote:> Anderson do Carmo de Oliveira wrote:>> I have a subnet block, 200.x.y.128/28. >> >> My router is -> 200.x.y.129/28 >> My shorewall is -> 200.x.y.130/28 (eth0) >> >> I need to make a NAT, from 200.x.y.135, port 80 to 192.168.x.22, >> port 80 >> >> I need to assing 200.x.y.135 as eth0:1 ? Or can I make another mode ? >> >> How Can I make it ? > > > I suggest that you look at: > > http://www.shorewall.net/shorewall_setup_guide.htm > http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html >The question is "Does your ISP route your /28 through the .130 address?". If the answer is "Yes", then you don''t need the eth0:x; if your ISP doesn''t route the /28 that way then you need to do SOMETHING to make your Shorewall box answer "arp who-has" requests for the .135 address. Adding that address to your eth0 interface is probably the most straightforward way of doing that. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Hi Tom, Thanks. Anderson. ----- Original Message ----- From: "Tom Eastep" <teastep@shorewall.net> To: "Mailing List for Shorewall Users" <shorewall-users@lists.shorewall.net> Sent: Saturday, March 20, 2004 5:54 PM Subject: Re: [Shorewall-users] NAT & Redirect Port> Tom Eastep wrote: > > > Anderson do Carmo de Oliveira wrote: > > >> I have a subnet block, 200.x.y.128/28. > >> > >> My router is -> 200.x.y.129/28 > >> My shorewall is -> 200.x.y.130/28 (eth0) > >> > >> I need to make a NAT, from 200.x.y.135, port 80 to 192.168.x.22, > >> port 80 > >> > >> I need to assing 200.x.y.135 as eth0:1 ? Or can I make another mode ? > >> > >> How Can I make it ? > > > > > > I suggest that you look at: > > > > http://www.shorewall.net/shorewall_setup_guide.htm > > http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html > > > > The question is "Does your ISP route your /28 through the .130 address?". > > If the answer is "Yes", then you don''t need the eth0:x; if your ISP > doesn''t route the /28 that way then you need to do SOMETHING to make > your Shorewall box answer "arp who-has" requests for the .135 address. > Adding that address to your eth0 interface is probably the most > straightforward way of doing that. > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe:https://lists.shorewall.net/mailman/listinfo/shorewall-users> Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >