Big Brother tells me that Roeland Meyer wrote:
> Use static routes.
>
I think you misunderstood his problem. If he means what I think he
means, then I am interested in the answer also.

Suppose you have a linux box with two ethernet cards acting as a
firewall. Specifically, eth0 connects to the outside world and has
a 'real' IP, but eth1 points to the internal network and has a
reserved address such as 192.168.1.1.

We aren't doing any Masquerading/NAT here. Instead, the firewall
is running a proxy web server and a mail server. Internal people get
their mail from and send their mail to the firewall, and the firewall
forwards mail out, etc., etc. NO routing between the networks.

Suppose that I log in to the firewall and want to ssh out to some
other machine out in the real world. If ssh decides to bind() to
192.168.1.1 for the local end of the socket, then the connection to
the outside world will fail.

This is exactly the situation that I may find myself in fairly soon,
and it is a problem with MANY applications which just bind() to IPADDR_ANY
(or whatever it's called; I forget), leaving it up to the OS to pick an
IP on a multi-homed system. With servers, like sshd, one can force it
to listen() on a specific IP. With clients, though, the IP it needs to
bind() locally may depend on the remote IP...
--
Jack McKinney
[EMAIL PROTECTED]
http://www.lorentz.com
1024D/D68F2C07 4096g/38AEF076

"There is no parameter that makes it impossible
for you to perform still more excellently."
-Mario Cuomo, on the lack of a clock in baseball
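
The local-address question raised in the message above, as an added example that is not part of the original post: it shows what address an unbound client socket ends up with once it connects, and how a client pins its source address by calling bind() before connect(). It assumes Linux, where every 127.0.0.0/8 address is local; 127.0.0.2 is a constructed stand-in for the second interface of a multi-homed host, and the function names are hypothetical.

```python
import socket

def kernel_chosen_source(dest_ip, port=9):
    """Report the local address before and after connect() on an unbound socket.

    connect() on a UDP socket sends no packet; it only performs the route
    lookup and fixes the local address, which getsockname() then reports.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        before = s.getsockname()[0]          # 0.0.0.0: nothing selected yet
        s.connect((dest_ip, port))
        return before, s.getsockname()[0]    # address picked for this route

def connect_from(source_ip, dest):
    """TCP client that pins its local address: bind() first, then connect()."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((source_ip, 0))               # port 0: kernel picks the port only
        s.connect(dest)
    except OSError:
        s.close()
        raise
    return s

def demo():
    """Loopback-only run: a listener records the peer address of each client."""
    seen = []
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(2)
        dest = srv.getsockname()
        # Client 1 never calls bind(): the kernel selects the source address.
        with socket.create_connection(dest) as c:
            conn, peer = srv.accept()
            conn.close()
            seen.append(peer[0])
        # Client 2 binds to a specific local address (constructed: 127.0.0.2).
        with connect_from("127.0.0.2", dest) as c:
            conn, peer = srv.accept()
            conn.close()
            seen.append(peer[0])
    return seen

if __name__ == "__main__":
    print("unbound, then connected:", kernel_chosen_source("127.0.0.1"))
    print("peer addresses seen by the listener:", demo())
```

Running `kernel_chosen_source()` against a real remote address on a multi-homed host shows which interface address the routing table selects for that destination, without sending any traffic.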