can't help too much with the main issue; i've always thought that you _should_
be able to forward/masq/NAT an aliased interface, and it kind of cuts down
on the utility of the whole thing if you can't. but i haven't tried to do
it myself in a while (since before ipchains was available actually) so my
experience is probably irrelevant. you might want to look into the firewalling
code being developed for the 2.4.x series of kernels, it is reportedly a
complete rewrite (again) and they may have this problem solved.
as an aside, though, i can tell you that for some reason ip aliasing has never
been written as a module, it's either available in the kernel (apparently
the one you have has it turned on) or it's not. you can get a nice tour of
the linux kernel, even if you don't plan on installing a custom one yourself,
by installing the source code for the kernel version you're running, cd'ing
to the base directory, and typing "make xconfig".
hth,
-m
On Tue, Sep 19, 2000 at 11:01:21PM -0700, Rob Tanner wrote:
> Hi all,
>
> I have Redhat 6.2 installed along with VMWare 2 with NT4 installed in
> the VMWare virtual machine. I'm doing some development work on that
> other platform, and I need to be able to access its services from the
> net. I wrote an /sbin/ipchains packet filter including forwarding and
> masquerading the VMWare net (vmnet1).
>
> Here's the problem: simply forwarding and masquerading to the external
> interface means all outbound traffic goes out as my main address.
> There is no way (that I know of) to initiate a TCP session from the
> outside since masquerading works just like NAT.
>
> I haven't yet discovered in Redhat specific IP aliasing documentation
> and I don't have an ip_alias.o kernel module (nor have I found source
> code). But, ifconfig eth0:0 <ipaddress> works and creates an alias I
> can ping externally, so I presume that IP aliasing is compiled into the
> kernel by default.
>
> Since forwarding/masquerading from vmnet1 to eth0 works just as
> advertised, why can't I likewise forward/masquerade to eth0:0?
>
> Thanks,
> Rob
>
>
> _ _ _ _ _ _ _ _ _ _
> /\_\_\_\_\ /\_\ /\_\_\_\_\_\
> /\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT,
> /\/_/__\/_/ __ /\/_/ /\/_/ PROFUNDUM VIDITUR
> /\/_/_/_/_/ /\_\ /\/_/ /\/_/
> /\/_/ \/_/ /\/_/_/\/_/ /\/_/ (Whatever is said in Latin
> \/_/ \/_/ \/_/_/_/_/ \/_/ appears profound)
>
> Rob Tanner
> McMinnville, Oregon
> [EMAIL PROTECTED]
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
--
Michael Jinks, IB
Systems Administrator, CCCP
finger [EMAIL PROTECTED] for public key
Vote Duke! http://www.entertaindom.com/pages/duke2000/home.jsp
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
