You need to alias the external interface to act as all 5 external "real" IP
addresses and use ipmasqadm to port forward the incoming requests to the
appropriate masqued internal IP address.

The format for setting IP aliasing is (where the "xxx.xxx.xxx.xxx"s
correspond to the IP addresses and subnet info from your ISP):

/sbin/ifconfig eth0:0 xxx.xxx.xxx.xxx netmask xxx.xxx.xxx.xxx broadcast xxx.xxx.xxx.255

Repeat for each aliased eth0 IP (eth0:1, eth0:2, eth0:3, etc.), and then
create ipchains rules for firewalling each aliased IP.

In the firewall script, make sure the gaming port is open for all aliased
IPs.

Install ipmasqadm and set port forwarding rules for each aliased IP to each
corresponding masqued internal IP. I believe the syntax is as follows, but
you should read the ipmasqadm HOW-TOs to be sure:
(Assuming your internal network is on 192.168.x.x, and the Gaming Port is
"XXXX")

/sbin/ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.xxx XXXX -R 192.168.xxx.xxx XXXX

Let me know if this helps, or if I've screwed something up in the
translation.  :-)

--Greg

----- Original Message -----
From: "Wignall, Mark T" <[EMAIL PROTECTED]>


> Hoping for some help here:
>
> I previously had the following setup within my network at my residence.  1
> Linux box w/ 2 NIC cards.  1 connected to the DSL modem, and 1 to a HUB
> where other computers throughout the house are connected.  I configured NIC
> 1 for the IP address given to me by my DSL provider, and configured the
> other NIC for the private network IP range 196.168.x.x.  Next I configured
> IP Forwarding and Masquerading, and alas had everything set up and working
> perfectly.
>
> Some online games won't allow duplicate IP addresses to be seen on the game
> server, and as all computers within my private net were sharing the 1 IP
> address provided by the DSL provider, only one computer at a time could
> be gaming.  I've recently acquired a different DSL package, which gives me 5
> static IP addresses, so I should be able to configure my network as I hoped.
>
> Obviously, I could have just put all computers, and the DSL modem on my HUB
> and life would be good from a gaming perspective, however, I would very much
> like to have a firewall installed that helps protect against intruders.
> Under this scenario, I'd have to install a firewall on each PC to gain some
> protection...what a hassle.
>
> What I'd like to do is configure my Linux box like I had before, but replace
> the Private network with additional IPs that I gained.  I tried setting
> this up, but fell short after realizing that Linux acting as a router can't
> route unless there are two different networks (IP sets) to route between.
> Since all my machines' IPs belong to the same network (IP set), I can't
> "route" per se.
>
> What I came across were some HOWTOs on bridging+firewall.  Essentially the
> bridge creates a virtual NIC that binds the two together, and I place the
> firewall (IPchains) on this virtual NIC.  I configured it, set it up, and
> appear to be accomplishing my goal.  The firewall stuff is working on every
> machine, and of course gaming is now a reality.
>
> In summary, my question is this.  Is this the best/only approach I can take
> in setting up my environment?  Is there a way to accomplish this by setting
> up my own route tables?  The reason I ask is because when everything is
> "idle" on my network, I see blips on the DSL modem about every 3 seconds or
> so.  I've narrowed it down to the bridge stuff, as I can bring the bridge
> down, and the blipping stops.  I don't know what is happening, and I don't
> believe that the bridge is impacting performance much, still I don't know,
> so I thought I'd pose the question to the experts out there.
>
> Thanks in advance,
> Mark Wignall
> [EMAIL PROTECTED]
>
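
The procedure in the reply above (alias, firewall rule, port forward, once per address), as an added example that is not part of the original thread: a dry-run generator that prints the three commands for each external/internal pair and refuses malformed addresses, out-of-range ports and an external IP mapped twice. The function names, the 203.0.113.x and 192.168.1.x addresses, port 27015 and the exact ipchains rule form (input chain, ACCEPT on one destination port) are assumptions; the ipmasqadm line uses the portfw module form.

```shell
#!/bin/sh
# Added example: prints (does not execute) per-alias commands for review.
# All addresses and the port below are constructed sample values.

valid_ip() {  # succeed only for a dotted quad with each octet in 0-255
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1; done
}

# usage: emit_cmds IFACE NETMASK BROADCAST PORT   (stdin: "external internal" pairs)
emit_cmds() {
    iface=$1 mask=$2 bcast=$3 port=$4 n=0 seen=" "
    case "$port" in ""|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    while read -r ext int; do
        [ -n "$ext" ] || continue
        valid_ip "$ext" && valid_ip "$int" || { echo "bad pair: $ext $int" >&2; return 1; }
        # Each external address may forward to exactly one internal host.
        case "$seen" in *" $ext "*) echo "duplicate external IP: $ext" >&2; return 1 ;; esac
        seen="$seen$ext "
        echo "/sbin/ifconfig $iface:$n $ext netmask $mask broadcast $bcast"
        # Open only the game port, and only toward this aliased address.
        echo "/sbin/ipchains -A input -i $iface -p tcp -d $ext $port -j ACCEPT"
        echo "/sbin/ipmasqadm portfw -a -P tcp -L $ext $port -R $int $port"
        n=$((n + 1))
    done
}

# Constructed sample mapping: two of the five static addresses.
emit_cmds eth0 255.255.255.248 203.0.113.15 27015 <<'EOF'
203.0.113.10 192.168.1.10
203.0.113.11 192.168.1.11
EOF
```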
