I have set up a firewall with 4 interfaces.

+--------------+
|  Linux box   | ----------> internet
|              | ----------> DMZ
|              | ----------> intern1
|              | ----------> intern2
+--------------+

I use kernel 2.2.4 with fast nat options, and the iproute2 package.

I want to translate two computers from the DMZ to internet.

case 1 :

    ip rule add from XX.XX.XX.XX nat YY.YY.YY.YY table main
    ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

where XX.XX.XX.XX = valid address and YY.YY.YY.YY = real address

In this case, translation works on all interfaces -> problem in internal networks.

case 2 :

    ip rule add dev eth0 from XX.XX.XX.XX nat YY.YY.YY.YY table main
    ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

In this case, packets coming from internet are translated, but answer packets are not translated. But internal networks work fine ;-)

If you have any idea, can you help me?

------------------------------------------
Sylvain FAVRE
[EMAIL PROTECTED]
[EMAIL PROTECTED]
