RE: [FW1] NATing DNS queries payload ONLY

Wed, 09 Aug 2000 01:47:46 -0700 



Unless you write an inspect script that creates this functionality, you
won't be able to do this in fw-1.

Lars

> -----Original Message-----
> From: Cisco Wave [mailto:[EMAIL PROTECTED]]
> Sent: 9. august 2000 07:46
> To: [EMAIL PROTECTED]
> Subject: [FW1] NATing DNS queries payload ONLY 
> 
> 
> 
> Dear All,
> 
> I would like to know if it is possible to NAT only the
> payload of DNS queries.
> 
> For example on Cisco I know it is possible to NAT the
> payload and the IP header will be NATed at the same
> time,
> like explained in :
> http://www.cisco.com/warp/public/556/3.html
> 
> IN FW1, I know how to use NAT for the IP hearder only
> ...
> 
> However, what I would like to do is much basic, but I
> could not find if it will work or not.
> 
> Basically, I have a UNIX 'hostA' inside making a DNS
> query to resolve a name 'nameA'.
> The internal DNS gets the information from an external
> DNS and forward it back to the inside hostA.
> However, the IP matching 'nameA' is an internet IP
> that is not routed inside. Which means
> that 'hostA' can not communicate with 'nameA' 's IP
> address ...
> 
> What I would like to do, is not to change the routing,
> and not to translate any addresses in headers because
> it is working fine like this, I just need to translate
> the payload of the DNS reply from the DNS server in
> FW1 (ie changing
> from nameA<->IPexternal to
> nameA<->IPtranslated2internal).
> 
> Please let me know if you know an answer, or have some
> URL explaining the process.
> 
> Thank you for your help,
> 
> 
> 
> 
> =====
> We are NOT Cisco Inc.
> 
> __________________________________________________
> Do You Yahoo!?
> Kick off your party with Yahoo! Invites.
> http://invites.yahoo.com/
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to