Ongoing conversion of several Dachstein-CD installations have resulted in several challenges. Please, ask if I have left out pertinent information.
What am I missing? How can we setup the following scenarios with
Bering-uClibc/Shorewall?
Shorewall zones:
fw
loc
dmz (proxyarp)
Sixty-four (64) public IP's
Typical DMZ hosts OK
We cannot figure out how to do the following, which we have been doing
quite simply with Dachstein-CD:
[1] Internet -> public_IP:80 -> private_IP:80
In other words, a web server in loc appears to the Internet that
it resides in dmz.
We have not been able to accomplish this when there is no host at
that address on dmz. Should that address NOT be configured
proxyarp?
Also, is this scenario possible if there IS a host at that address
on dmz? In other words, if we have a SMTP host at that address on
dmz, can we have a web server at that address, that actually
resides in loc?
[2] Internet -> public_IP:55555 -> private_IP:555
Notice the port forwarding of one port to a different port.
There may or may NOT be an actual DMZ host on the public IP. It
could be a dmz address forwarded to a loc address.
What do you think?
--
Best Regards,
mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know. The more I know, the more I know I don't know . . .
--
signature.asc
Description: Digital signature
