--On Wednesday, July 10, 2002 21:13:53 -0500 guitarlynn
<[EMAIL PROTECTED]> wrote:
> On Wednesday 10 July 2002 20:52, George Georgalis wrote:
>> Interesting, but not what I had in mind. I'm using nat for a dmz and
>> rather than bring up an each available ip as an alias, I thought
>> there was a way to bring up the subnet and let iptables take over
>> from there.
>
> You can set an interface as an entire subnet w/o alias'ing. Your
> interface must have atleast one set address for routing to work.
> You seem to be looking at something more along the lines of
> WAN routing.
He may be refering to the MIRROR target -- that code must still be in
Patch-O-Matic since my 1.2.6a iptables doesn't mention it under "man
iptables". AFAICT though, the MIRROR target only takes care of the NAT
table stuff -- it doesn't make your external NIC magically start responding
for an entire subnet.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ [EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
