Now that I have Multi-ISP working, is it the case that all rules DNAT rules for the net zone apply to both interfaces? I''d like to DNAT a web cam so that it is available on the ADSL connection, but does that make it also available on the primary connection? -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@yahoo.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Chris Mason (Lists) wrote:> Now that I have Multi-ISP working, is it the case that all rules DNAT > rules for the net zone apply to both interfaces? I''d like to DNAT a web > cam so that it is available on the ADSL connection, but does that make > it also available on the primary connection?It works for all interfaces in the zone. If you want more control, specify the source address in the DNAT rule as well as the destination. It''s usually a good thing that it works that way, so that''s the default behaviour. e.g. My DMZ mail server has 3 listed MX records on the outside that are DNATed to it with one rule. Paul ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Paul Gear wrote:> Chris Mason (Lists) wrote: >> Now that I have Multi-ISP working, is it the case that all rules DNAT >> rules for the net zone apply to both interfaces? I''d like to DNAT a web >> cam so that it is available on the ADSL connection, but does that make >> it also available on the primary connection? > > It works for all interfaces in the zone. If you want more control, > specify the source address in the DNAT rule as well as the destination. >To enable it on one interface, place that interface''s IP address in the ORIGINAL DEST column. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key