Re: FW: Setting up 1:1 NAT for DMZ (Repost w/o HTML)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 05, 2005 at 02:02:06PM -0800, Spidal, Glen wrote:
> >> Jason,  
> >> Thanks so much.  I'm new to bash scripting.  In the statement below,
> >>for i in `seq 11 23`;
> >>which digits are the starting point and which ones are the number of
> loops?

the `seq 11 23` generates a list starting at 11, stopping at 23.  "seq"
is an external linux command.

> >>Also, how do I set the subnet on the public Ips added using the ip add
> command 
> >>in the script?  Mine happens to be 255.255.255.192.

the "ip addr add 1.2.3.${i} dev $EXT_IF" statements will add the IP
addresses with a /32 mask--which is fine for the purposes of an alias
for NAT.  it also keeps the firewall from ever using one of the alias IP's
as a source address when communicating on the locally-attached network.
only your primary IP on $EXT_IF needs to have the /27 mask.

-j

--
"Here we have an ordinary square.
 Whoa! Slow down egghead!"
        --The Simpsons


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux