[ale] Linux box as a router w/DHCP

James Sumners james.sumners at gmail.com
Mon Jan 22 21:19:43 EST 2007


Yes, that is correct. But I found it easier (necessary?) to reference
the external IP when marking packets for the CBQ rules.

I'm not really sure right now. I would have to reread some of the documents

On 1/22/07, JK <jknapka at kneuro.net> wrote:
> James Sumners wrote:
>
> > If you're not doing any port forwarding (DNAT) I don't suppose there
> > is a problem with that. But if you want to mangle packets, I believe
> > you have to reference the external IP.
>
> You don't need to mention the ingress IP in DNAT
> rules.  I'm doing this for a couple of different
> services (eg accepting SSH connections and forwarding
> them to my personal desktop machine).  All you
> have to say is, "anything arriving on eth0 at
> port 22, forward to ${INTERNAL_IP} port 22".
> I'm doing this for a number of services, but
> I don't have the rules in front of me at the
> moment, though.
>
> -- JK


-- 
James Sumners
http://james.roomfullofmirrors.com/

"All governments suffer a recurring problem: Power attracts
pathological personalities. It is not that power corrupts but that it
is magnetic to the corruptible. Such people have a tendency to become
drunk on violence, a condition to which they are quickly addicted."

Missionaria Protectiva, Text QIV (decto)
CH:D 59



More information about the Ale mailing list