Look in /sbin/bastille-netfilter;
there is an example of routing between different subnets on the internal
interface.
Here's an example of mine.
sl0 and tunl0 are both listed as internal interfaces in
/etc/Bastille/bastille-firewall.cfg.
You can add dest port and source ports if required, as well as the
protocol.
${IPTABLES} -A FORWARD -i sl0 -s 44.131.90.0/22 -d 195.201.95.146 -j ACCEPT
${IPTABLES} -A FORWARD -i tunl0 -s 44.131.90.0/23 -d 195.201.95.146 -j ACCEPT
HTH
richard
On Tue, 2002-03-12 at 11:32, Baines, Dominic wrote:
> Is there a way to do these with Bastille:
>
> 1. Port forward say ssh (22) to more than one host internally ?
> say something like:
> port 99922 to host 1:22
> port 99822 to host 2:22
> port 99722 to host 3:22
>
> I can only seem to enable just single host port forwarding and it is a bit limiting.
>
> 2. Connect a whole remote network (actually 3 systems behind another Bastille firewall
> also NAT'd...) to the local network.
>
> Local network 192.168.100. network
> Remote network 192.168.200. network
>
> What I'd like to do is set up both systems so that they KNOW that the gateway to the
> other is through the firewall...
>
> I used to be able to do this 'simply' enough by adding rules to both firewalls to tell them the
> other network gateway was the PUBLIC IP address of the other firewall...
>
> Can't seem to do this, with Bastille ....
>
> 3. Use the Bastille firewall system as a VPN server. Ideally 2 uses these or a remote user would..
>
> Has anyone else been able to accomplish any of these tasks whilst not completely mitigating the
> use of Bastille (which is what I'm faced with otherwise) ?
>
--
Best regards
Richard Bown