-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello list,

I'm starting to set up a DMZ/LAN setup, and came across a problem/question.

The setup I want to do is a multi-homed firewall, with one intf. to a private LAN and another to a DMZ. The FW will MASQ the LAN, and DNAT into the DMZ. I want to redirect _all_ traffic into the DMZ (is that even possible?) and at the same time MASQ the LAN.

The question is will they collide? If I use a ruleset such as:

iptables -t nat -A PREROUTING -i $INET_IF -j DNAT --to-destination $DMZ_IP
iptables -t nat -A POSTROUTING -o $INET_IF -j MASQUERADE

(yes, there's only one computer in the DMZ)

Will I get return traffic into my LAN? Won't it be DNATed into the DMZ?

Thanks,
+katriel

pgp key: traum.org.il/gpg.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+OX2dDWy+Hv/461sRAqmWAJwJ5/vSBMlj/2dHS/seXuPrcTv81QCg/tan
C1xvdNg6gFpdAZRx84tsaR8=
=9ku+
-----END PGP SIGNATURE-----
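
The interaction asked about above, as an added example that is not part of the original post: a simplified Python model of netfilter connection tracking, in which the nat table rules are consulted only for the first packet of a connection and later packets reuse the stored mapping. All addresses, the interface names (`inet`, `lan`, `dmz`) and the function names are constructed for illustration; port reallocation by MASQUERADE is not modelled.

```python
# Simplified model (assumption): only the conntrack/NAT behaviour relevant to
# the two rules in the post, not the kernel's real data structures.
FW_PUB = "203.0.113.1"    # constructed: firewall address on $INET_IF
DMZ_IP = "192.168.2.10"   # constructed: the single DMZ host ($DMZ_IP)
conntrack = {}            # incoming tuple -> translated outgoing tuple


def route(dst):
    """Pick the outgoing interface for a destination (constructed subnets)."""
    if dst.startswith("192.168.1."):
        return "lan"
    if dst.startswith("192.168.2."):
        return "dmz"
    return "inet"


def forward(in_if, src, sport, dst, dport):
    """Return (src, sport, dst, dport) as the packet leaves the firewall."""
    pkt = (src, sport, dst, dport)
    if pkt in conntrack:
        # Packet belongs to a tracked connection (either direction):
        # the nat table is NOT traversed, the stored mapping is applied.
        return conntrack[pkt]
    # First packet of a new connection: nat PREROUTING, routing, POSTROUTING.
    new_dst = DMZ_IP if in_if == "inet" else dst          # -i $INET_IF -j DNAT
    new_src = FW_PUB if route(new_dst) == "inet" else src  # -o $INET_IF -j MASQUERADE
    out = (new_src, sport, new_dst, dport)
    conntrack[pkt] = out
    # Pre-compute the reply direction: what comes back, and how to undo NAT.
    conntrack[(new_dst, dport, new_src, sport)] = (dst, dport, src, sport)
    return out


if __name__ == "__main__":
    # LAN host opens a connection to a remote web server: source is masqueraded.
    print(forward("lan", "192.168.1.5", 40000, "198.51.100.7", 80))
    # The server's reply arrives on the Internet interface. It matches the
    # tracked connection, so it is de-masqueraded back to the LAN host and
    # never reaches the DNAT rule.
    print(forward("inet", "198.51.100.7", 80, FW_PUB, 40000))
    # An unsolicited inbound connection is new, so the DNAT rule sends it to the DMZ.
    print(forward("inet", "198.51.100.9", 51000, FW_PUB, 22))
    # The DMZ host's answer leaves with the firewall's public address restored.
    print(forward("dmz", DMZ_IP, 22, "198.51.100.9", 51000))
```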