Jason, that worked pretty well. I can access that interface from all 4 ip's now. Looks like I'm half done. I tried the next step myself. I'm actually using the older IPFWADM program for my masquerading. I just did: # ipfwadm -F -i accept -S 64.50.146.19 -D 192.168.1.2 # ipfwadm -F -i accept -S 64.50.146.20 -D 192.168.1.3 # ipfwadm -F -i accept -S 64.50.146.21 -D 192.168.1.4 # ipfwadm -F -l -n IP firewall forward rules, default policy: deny type prot source destination ports acc all 64.50.146.19 192.168.1.2 n/a acc all 64.50.146.20 192.168.1.3 n/a acc all 64.50.146.21 192.168.1.4 n/a acc/m all 192.168.1.0/24 0.0.0.0/0 n/a # It looks like it work magically -- that is it looks like anything coming in from 64.50.146.19 would be sent to 192.168.1.2, etc. But when I telnet to 64.50.146.19 I get the login MOTD for the 64.50.146.18 box. So close :) Brian PS: After I wrote this mail, I'm now unable to access the box at all. The telnet MOTD is displaying really slow, well no, now the box is refusing all connections. I assume the CPU is busy routing IP traffic to itself or something equally uninteresting. No big deal, I'll just see what I did to the box when I get home. Actually, I think I know what I did wrong. I had the wrong concept of how ipfwadm instructs the kernel to forward packets. I must have had it backwards, or approaching it the wrong way. - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu
