Date: Wed, 15 May 1996 20:28:18 -0700 (PDT)
From: Jim Dennis <jimd@mistery.mcafee.com>
To: msmith@atrad.adelaide.edu.au (Michael Smith)
Cc: nate@sri.MT.net, msmith@atrad.adelaide.edu.au, jmb@freefall.freebsd.org, questions@FreeBSD.ORG
Subject: Re: Networking / Routing question
Message-ID: <199605160328.UAA31534@mistery.mcafee.com>
In-Reply-To: <199605160119.KAA01175@genesis.atrad.adelaide.edu.au> from "Michael Smith" at May 16, 96 10:49:22 am

>
> Nate Williams stands accused of saying:
> > >
> > > I was going to suggest this, until it occurred to me that it would be
> > > impossible for the firewall to connect out through the router. (With a
> > > default route set to the router, packets originating on the firewall
> > > will have an unroutable source address, and responses will never come
> > > back.)
> >
> > The 'firewall' is our main email gateway box, and will end up doing all
> > of the 'ftp/www/dns/etc' service to the world.
>
> Argh. And I presume you can't use a private network inside the firewall?

You can. Just give one "real" (internic issued) IP address to the
firewall (one interface on the firewall/proxy host) and give an
RFC 1597 address (ip aliased or to a different interface) to the
same machine. Now configure your SOCKS or FWTK to proxy between them.

Also I've heard rumors that Darren Reed's IPFIL package includes
NAT support (it performs network address translation and essentially
makes one valid IP address look like a very busy host -- essentially
it translates between IP addresses and IP ports -- it's kind of
confusing to describe -- particularly since I haven't used it yet,
read the code or even read the TCP/IP bible).

Jim Dennis, System Administrator, McAfee Associates

>
> --
> ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[
> ]] Genesis Software genesis@atrad.adelaide.edu.au [[
> ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[
> ]] realtime instrument control (ph/fax) +61-8-267-3039 [[
> ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[
>
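
Added example, not part of the original message and not code from IP Filter: a toy Python model of the address-and-port translation described above, showing how many RFC 1597 hosts share one routable address and why inbound packets with no matching mapping are dropped. The class name `PortTranslator`, the port pool and all addresses are constructed for illustration; the mapping is keyed on inside address and port only, with no timeouts.

```python
import ipaddress

# RFC 1597 private address blocks (the "RFC 1597 address" in the message).
RFC1597 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1597)

class PortTranslator:
    """Toy model of address-and-port translation on a dual-homed gateway."""
    def __init__(self, public_ip, port_range=(40000, 40003)):
        self.public_ip = public_ip
        self.free_ports = list(range(port_range[0], port_range[1] + 1))
        self.out = {}   # (proto, inside_ip, inside_port) -> public_port
        self.back = {}  # (proto, public_port) -> (inside_ip, inside_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        if not is_private(src_ip):
            return (src_ip, src_port, dst_ip, dst_port)  # already routable
        key = (proto, src_ip, src_port)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("translation port pool exhausted")
            port = self.free_ports.pop(0)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the inside host; None means drop."""
        if dst_ip != self.public_ip or (proto, dst_port) not in self.back:
            return None  # no mapping: unsolicited traffic is not forwarded
        inside_ip, inside_port = self.back[(proto, dst_port)]
        return (src_ip, src_port, inside_ip, inside_port)

def demo():
    nat = PortTranslator("192.0.2.1")  # constructed documentation address
    a = nat.outbound("tcp", "10.0.0.5", 1025, "198.51.100.7", 80)
    b = nat.outbound("tcp", "10.0.0.6", 1025, "198.51.100.7", 80)
    reply = nat.inbound("tcp", "198.51.100.7", 80, "192.0.2.1", a[1])
    stray = nat.inbound("tcp", "203.0.113.9", 4444, "192.0.2.1", 40002)
    return a, b, reply, stray

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Both inside hosts use source port 1025, yet the outside server sees two distinct ports on the single public address, which is what makes it "look like a very busy host".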