I'm trying to create a set of NAT rules to deal with a situation I'm having.
I have a "spoofed" network to support moving large systems between a
private network and a shared intranet. The issue is when I want to get
from a system on the REAL network 10.1.1.0 to the gateway machine at
192.29.113.2, response traffic is directed out this "spoofed" 10.1.1.0
network vs. back through the intranet cloud.
(SIMPLE block, the dashes represent host with 4 interfaces)
                                      --- 10.1.0.0
10.1.1.0 (Intranet cloud)192.29.113.2 --- 10.1.1.0
                                      --- 10.1.2.0
I believe that I should be able to NAT at the 192.29.113.2 interface
before the packet reaches the kernel, so that it maps to something OTHER
than coming from 10.1.1.0 so responses go back OUT the 192.29.113.2
interface like I desire.
So far I haven't been able to do much but create configs that have no
effect, or simply won't stand up to rule check.
Some people say I should use RDR, some suggest MAP - but nothing I have
done so far is helping at all.
Anyone have suggestions? My level of skill with IPF is nil - this is
my first experience.
gate:root> ./ipf -V
ipf: IP Filter: v4.0.3 (592)
Kernel: IP Filter: v4.0.3
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 1
gate:root>
gate:root> uname -a
SunOS vngate 5.10 Generic_118833-33 sun4u sparc SUNW,Sun-Fire-280R
gate:root>
Thanks!
Eric