[ previous ] [ next ] [ threads ]
 
 From:  "Mark Dormer" <mark at inpac dot com dot au>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] 1:1 routing issues
 Date:  Sat, 19 Nov 2005 08:56:59 +1100 
Do you mean an arp-proxy entry for each host or the whole subnet?

Does that mean I need to do a 1:1 for each IP address rather than the whole
subnet?

Regards
Mark Dormer

-----Original Message-----
From: Patric Schluep [mailto:patric dot schluep at compsys dot ch] 
Sent: Friday, 18 November 2005 9:23 PM
To: Mark Dormer
Subject: Re: [m0n0wall] 1:1 routing issues

hi

make an entry in the arp-proxy table for each 1:1 nat.

regards
patric

Datum:   	Fri, 18 Nov 2005 20:56:58 +1100
Von:            	"Mark Dormer" <mark at inpac dot com dot au>
An:             	<m0n0wall at lists dot m0n0 dot ch>
Betreff:        	[m0n0wall] 1:1 routing issues

> I have monowall on a 3 port soekris box
> 
>  
> 
> Using NAT
> 
> I can get individual ports to forward. eg. smtp or pop3 to a single host
> 
> I can't get 1:1 to work.
> 
> I have 2 class C IP address ranges, public ones.
> 
> I need to be able to connect to any of those 512 addresses from the
> internet.
> 
>  
> 
> Internet <--> monowall <--> network xxx.xxx.16.0/23
> 
>  
> 
> Host 17.252 is mail server
> 
> Host 17.254 is www server
> 
> Host 17.254 also has another 30 ip addresses that are used for each
website.
> 
>  
> 
> Rules like any source, any port, <-->  ip xxx.xxx.17.252, smtp,  work
> 
>  
> 
> I tried setting 1:1 to the full subnet xxx.xxx.16.0/23 but it doesn't seem
> to pass any packets.
> 
>  
> 
>  
> 
>  
> 
>  
> 
> Is it possible to turn NAT off and just filter traffic?
> 
> I don't really need to translate just filter.
> 
>  
> 
>  
> 
> Regards
> 
> Mark Dormer
> 
>  
> 
>