[ previous ] [ next ] [ threads ]
 
 From:  Kai Dittmann <kd dash news at devnull dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] InBound NAT based on Source-IP (Host or Range) ?
 Date:  Thu, 06 May 2004 17:36:17 +0200
Am Do, den 06.05.2004 schrieb Martin Holst um 17:28:
> Nope, sorry!
> 
> M0n0wall doesn't do inbound source-based forwarding - only source-based
> routing outbound ("Advanced outbound NAT").



  Hmmm, is it worth to start a Feature-Request for this ?

  IMHO is it a very very useful Feature, due to the Fact,
  that really much People use this already with many other
  Implementations (Smoothwall, IPcop and so on...)

  Am i the only one, who needs this, or who would be very
  pleased to have it build into m0n0 ?


cheers,
-K.



> -----Original Message-----
> From: Kai Dittmann [mailto:kd dash news at devnull dot de] 
> Sent: 6. maj 2004 11:54
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] InBound NAT based on Source-IP (Host or Range) ?
> 
> 
> Hello,
> 
> 
> just a quick Question, due to the Fact, that i don't
> found anything regarding this issue in the Archive:
> 
> 
> Is it possible, to set up an Source-IP based (P)NAT
> (InBound) on m0n0 like found on IPcop or Smoothwall ?
> 
> 
> 
> Example:
> Host-A on Internet connects to m0n0-ExtIF, Port 1701/UDP (L2Sec)
> and will be translated to a given Server, called A in the DMZ.
> 
> Host-B on Internet connects to m0n0-ExtIF, also Port 1701/UDP
> and will be translated to a *different* Server, called B on a
> *different* DMZ behind m0n0.
> 
> Net-C on Internet connects same way to m0n0, but should be
> Translated to a *third* Server in the first DMZ........
> 
> 
> With Smoothwall and/or IPcop it's possible, to setup a NAT,
> based on the Source-IP's or Source-IP Ranges from Hosts on
> the Internet.
> 
> 
> 
> 
> Cheers,
> -K
> 
> 
> ---
> BTW: This is _really_ the last missing Feature, that holds me on
> Platforms based on IPcop or Smoothwall. Everything else fits quite
> perfect for the given Setup here!
> 
> If this is possilble, i have to change immediately all our Gateways
> away from thoose two implementations above to m0n0. IPcop and Smooth
> are great products, but for my meaning and understanding of Firewalls,
> way too oversized...   i don't need a Squid, Snort or other things in
> my Border-Gateways/Firewalls. This stuff is placed dedicated behind
> the Wall's in a Router-LAN.
> 
> 
> 
> .
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>