Hello group/Pete I tried that, what i use is RH9.0. With it's iptables installation. Yes as U say there are 3 NICs. When i did what U said and initialized the FW script it says: warning: wiered character in interface 'eth0:1'(no aliases, ! or *) this follows on for all the lines which have the aliased IPs, for eth0:1 and eth2:1. How could i get about doing this ? TIA --- Pete Nesbitt <pete@xxxxxxxxx> wrote: > On July 4, 2004 11:58 pm, Redhat Enterprise wrote: > > What i wanted to do was to have 2 web servers > having > > private IPs( Ex: 192.168.128.5 and 192.168.128.6 > on > > the 255.255.255.0 subnet). The hub connecting > these > > machines would be connected to my Linux firewall > > machine. In other words the private IPs are the > ones > > that make my DMZ, I shall call this interface > which is > > connected to the DMZ as eth1. > > What i want to do is redirect all requests to > > 64.24.12.45 to 192.168.128.5 and 64.24.12.46 to > > 192.168.128.6 at the moment i have no problem in > doing > > the natting and everything related to send/receive > > from the 64.24.12.45. > > What i thought was to have a virtual interface and > > bind the other internet routable address to it, ex > > eth0:0. What are my options? > > Also how could i do the POSTROUTING SNAT if I > cannot > > use virtual in terfaces? > > > > Hi, > I'm not sure I understand your question. As I read > it, you have 3 boxes, 2 > acting as web servers and 1 as a firewall. They are > connected via a hub. It > looks like the fw has at least 2 nics, one for the > internet and one for the > dmz (web server area), and probably a 3rd for > internal LAN. I am presuming a > recent release of RH (say 8 or newer) > > You can add the static IP to the external ethernet > by creating a "eth0:1" (not > eth0:0). To do that manually, cp your > /etc/sysconfig/network-scripts/eth0 to > eth0:1. The edit the IP address and hard link it > into > /etc/sysconfig/networking/devices/ifcfg-eth0:1 > and > /etc/sysconfig/networking/profiles/default/ifcfg-eth0:1 > > Your postrouting should show something in the way > (all one line): > $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s > $WEB_SERVER_1 -j SNAT > --to-source $EXT_IP_1 > > $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s > $WEB_SERVER_2 -j SNAT > --to-source $EXT_IP_2 > > Hope that helps. > -- > Pete Nesbitt, rhce > > > -- > redhat-list mailing list > unsubscribe > mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
