Re: [suse-security] DMZ egress access problem

From: Arjen Runsink (arjenzeilers.net)
Date: Fri May 23 2003 - 13:49:41 CDT


Maarten,

> Yeah... I wondered about that too... The thing is, If I do not masquerade
> LAN to my DMZ how do I allow access from LAN to my DMZ servers ?
> Am I overlooking something ?

Using FW_FORWARD="<lanipnet>/<bitmask>,X.Y.Z.160/28"

Though I would expect the LAN to have access to the DMZ, just like it has access
to the outside, but when not masquerading, maybe this should be done
explicitly. You could do masquerading, but then set the masq nets option to
the internal IP range.

Ah well, if that does not seem to work, build your own from the ground up. :)
There are tools to make that easy too.

Arjen
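
The two options from the reply above, written out as a SuSEfirewall2 configuration fragment. This is an added example, not part of the original message: the LAN network 192.168.1.0/24 is a constructed value, X.Y.Z.160/28 is the placeholder used in the thread, and FW_ROUTE="yes" is an assumption, since forwarding rules only take effect when routing is enabled.

```shell
# SuSEfirewall2 sysconfig fragment (shell variable syntax).
# 192.168.1.0/24 is a constructed LAN range; X.Y.Z.160/28 is the
# DMZ placeholder from the thread. Substitute the real networks.

# Assumption: routing between interfaces must be on for FW_FORWARD.
FW_ROUTE="yes"

# Option A (from the reply): no masquerading towards the DMZ;
# allow LAN -> DMZ explicitly.
# Entry format: source net,destination net[,protocol[,port]]
FW_FORWARD="192.168.1.0/24,X.Y.Z.160/28"

# Narrower variant of option A: only one service instead of the whole
# /28 (constructed example: HTTP only).
# FW_FORWARD="192.168.1.0/24,X.Y.Z.160/28,tcp,80"

# Option B (from the reply): keep masquerading, but restrict the
# masqueraded sources to the internal range only, so DMZ hosts are
# not masqueraded.
# FW_MASQUERADE="yes"
# FW_MASQ_NETS="192.168.1.0/24"
```

With option A the DMZ servers see the real LAN source addresses in their logs, which masquerading would hide.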
