I have come across a problem where I require some client boxen that are
on an internet interface to be able to access services on a public IP
address that is actually a NAT back into a different internal
interface. As you all know, this is not quite possible with IPF
(although it does work fine under Linux iptables...).

As such, I found someone that posted some source code for a bounce
utility, which I compiled and stuck on the monowall for some testing.
I found that I could, with proper NAT rules, accomplish my goals fairly
easily, but I have run into two problems:

1) in both monowall 1.0 and the current beta version, there is no way
to do outbound NAT where the interface the packets come in on is LAN.
I had to basically put an 'empty' ethernet card in the box and use an
OPT interface instead.

2) there is no easy way to set up bounce from the GUI.

The first of which should be easy to solve; just allow LAN to be an
option for which interface an outbound NAT is applied (is this a bad
idea? if so, why?). The second of which would require some hacking.

Since this feature would be rather useful to me, I plan on adding some
support for it. My question is, are the developers at large interested
as well? I really hate to contribute patches that no one wants :) If
my plan of attack seems dumb, please let me know and I will try to make
whatever I come up with more useful to everyone at large.

I apologize if this has come up before; I searched the archives but I
didn't really see anything that stood out.

Keep up the good work on monowall, it has made my life a heck of a lot
easier :)

Steven Ball
Snurkle Engineering