List:General Discussion« Previous MessageNext Message »
From:Colin McKinnon Date:September 8 1999 1:09pm
Subject:Re: ipfwadm related question
View as plain text  
At 09:27 08/09/99 +0200, Thijs Cobben wrote:
>Q: "How can I configure ipfw tables (e.g. using ipfwadm) such that I have a
>physically different machine (internal 192.168.x.x IP-address) as database
>server? Such that all requests entering the firewall IP-address
>(external=ISP-provided) on port 3306 will be forwarded to the internal
>machine? How do i configure 'IP-aliases' such that dbmaster.mydomain.mytld
>refers via DNS to the firewall-IP but is redirected to the internal machine?
>What are the security implications?
>Please (provide pointer to) help?
>Thijs Cobben
You can't. Use a transparent proxy such as portfw or delegate.
I suspect that connections may appear to come from the firewall itself -
something to think about if you're doing any host-based authentication.

(I believe it *may* be possible with IP-chains but using a proxy it
probably simpler than upgrading your kernel).



ipfwadm related questionThijs Cobben8 Sep
  • Re: ipfwadm related questionColin McKinnon8 Sep
    • Process questionMichael Adams8 Sep
      • split string into parts (was:: Process question)Martin Ramsch8 Sep
Re: ipfwadm related questionCurtis Maurand8 Sep
  • Re: ipfwadm related questionVan8 Sep
RE: ipfwadm related questionClinton Gormley8 Sep
  • RE: ipfwadm related questionVan8 Sep