On Thu, 2003-11-27 at 15:02, Knight, Steve wrote: > Hi chaps > > Had a bit of a google, and of course consulted Ziegler, but I'm still not > 100% on either of these, so --- > > 1) can iptables use eth0:0 as a valid interface distinct from eth0 ? So I > can use eth0 as LAN internal i/f and eth0:0 as DMZ internal i/f. > No, not directly, but can be referenced by the virtual ip. > and ... > > 2) Back when I did my checkpoint certs we covered "static NAT" - simple > one-to-one address translation, rather than "hide NAT" - aka iptables SNAT / > MASQUERADE.... > > ...the question I have is - > > is the example given in Ziegler starting on p280 and table 7.1 "Host > Forwarding to Servers in a Privately Addressed DMZ" an example of "static > NAT"? > That would be DNAT, not SNAT. and then it could be either 1:1 or N:1, depending on the iptables rule. > Thanks for any pointers > > Steve > > > > ----------------------------------------------------------------------- > Information in this email may be privileged, confidential and is > intended exclusively for the addressee. The views expressed may > not be official policy, but the personal views of the originator. > If you have received it in error, please notify the sender by return > e-mail and delete it from your system. You should not reproduce, > distribute, store, retransmit, use or disclose its contents to anyone. > > Please note we reserve the right to monitor all e-mail > communication through our internal and external networks. > ----------------------------------------------------------------------- -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part
