[suse-security] SuSEfirewall 2 - redirect ports on internal interface to DMZ

From: Dirk Enrique Seiffert (dscaribenet.com)
Date: Wed Sep 27 2006 - 13:43:40 CDT


I am moving a Mailserver from the internal network to the DMZ. This move
should be invisible to the end user. Last but not least: Some hundred mail
clients are configured to consult an IP, not a name: I can't solve the
issue by configuring my DNS server.

This is my configuration:

200.x.x.x (public IP)
       |
 SuSEfirewall-192.168.254.1--------192.168.254.2 MailServer
       |
 192.168.0.249
       |
internal network

I have to access the mailserver by an IP in the 192.168.0.0/24 range.
External traffic I can easily redirect with FW_FORWARD_MASQ= to an IP in
the DMZ. Internal traffic I can redirect to a local port on the firewall
with FW_REDIRECT.

Is it possible to redirect all traffic coming on the internal interface
for 192.168.0.249 to 192.168.254.2 ?

Any custom rule? I was googling for quite a while too, and didn't find any rule
doing a forward on the internal interface.

Any idea is appreciated!

Thanks

Enrique

--
Dirk Enrique Seiffert - Lintec S.A.
Ed. Torre del Reloj - Of. 401
Plaza de los Coches, Centro
Cartagena - Colombia
http://www.lintecsa.com
