> We've got ACL's up the wazoo in front of us and stateful devices too, I just
> need two netfilter boxes in front of a server farm doing packet filtering
> nice and fast; load balancing is being taken care of by a couple BigIP's. I
> can't seem to find an example of anything other than masq/NAT for home or
> SOHO iptables implementation and am not having luck hacking up existing
> scripts. Does anyone use NetFilter in an ISP or Campus enterprise setup? I
> like NAT and the D/SNAT features of NetFilter, I just don't need it for this
> project.... anybody got some clues for me?

Just use iptables as normal, just don't include the NAT/Masq rules. If the
routing tables are set up properly, the firewall box will know where to send
the packets, as long as you don't DROP them.

/Christopher

> > tia/
> > Brian
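
A filter-only ruleset of the kind the reply describes, as an added example that is not part of the original thread: it generates an `iptables-restore` file with a `filter` table and no `nat` table. The interface names, subnets and ports are assumptions (documentation prefixes used as placeholders), and the box is assumed to already route with `net.ipv4.ip_forward=1`.

```shell
#!/bin/sh
# Added example: emit a filter-only ruleset for a routing firewall.
# All values below are assumed placeholders, not taken from the thread.
OUT_IF="${OUT_IF:-eth0}"               # side facing the load balancers
FARM_IF="${FARM_IF:-eth1}"             # side facing the server farm
FARM_NET="${FARM_NET:-192.0.2.0/24}"   # server farm subnet
MGMT_NET="${MGMT_NET:-198.51.100.0/24}" # hosts allowed to SSH to the firewall
TCP_PORTS="${TCP_PORTS:-80,443}"       # services published by the farm

# Print the ruleset in iptables-restore format. Only *filter is defined:
# forwarding decisions come from the routing table, no address rewriting.
gen_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Traffic addressed to the firewall itself.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $MGMT_NET -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Routed traffic: established flows first, since most packets match here.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
# New inbound connections only to the published ports on the farm.
-A FORWARD -i $OUT_IF -o $FARM_IF -d $FARM_NET -p tcp -m multiport --dports $TCP_PORTS -m conntrack --ctstate NEW -j ACCEPT
# New outbound connections from the farm (tighten to what servers need).
-A FORWARD -i $FARM_IF -o $OUT_IF -s $FARM_NET -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Succeeds only if the generated ruleset contains no nat table or NAT target.
is_filter_only() {
    ! gen_ruleset | grep -Eq '^\*nat|MASQUERADE|SNAT|DNAT'
}

# Print the ruleset when invoked as: sh script.sh print
if [ "${1:-}" = "print" ]; then
    gen_ruleset
fi
```

The output can be checked with `iptables-restore --test` before loading it with `iptables-restore` as root.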
