HI,
 
I tried your suggestion .
First, I did eth0:1 down ( to bring down the ip alias 193.11.111.2)
 
Then I did route add 193.11.111.2  gw 192.0.0.3
 
It didn't seem to make any difference.
 
Do I need to remove prerouting rules in the firewall script that map the traffic destined for 193.11.111.2 to the internal ip address of the machine ?
 
thanks again
Lisa
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Marcos de Souza Trazzini
Sent: 19 August 2006 11:53
To: [EMAIL PROTECTED]
Subject: Re: getting original ip address

Well, this occours becouse your firewall are masquerading the addresses. To prevent this and get the real ip address, create a route table in firewall like this:

# route add 193.11.111.2 gw XXX.XXX.XXX.XXX

Where XXX.XXX.XXX.XXX is the internal ip address of the server.

Don't forget to "remove" any interface proviously configured with ip 193.11.111.2 in the firewall.

Scream i any prlblems.. and sorry for the bad english.... =P

On Tue, 2003-08-19 at 06:35, lisa ryan wrote:
Hi, I was wondering if anyone can help me with the following query:

I've set up a public ip address 193.11.111.2
My firewall ip address is 193.11.111.1

In my firewall script I've a prerouting rule that maps any traffic destined
for 193.11.111.2 to the internal ip address of the server.
We have an application that runs and keeps a log of ip addresses that have
connected to the server. When I check this log, the ip's that are showing is
the ipaddress of the firewall.

Is there any way that I can capture the original ip address that made the
connection instead of the firewall ip ?

thanks in advance
Lisa


This E-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they   
are addressed. If you have received this E-mail in error please notify us immediately and delete this E-mail from your system. Thank you.
It is possible for data transmitted by email to be deliberately or
accidentally corrupted or intercepted. For this reason, where the
communication is by E-mail, the Big Picture Group does not accept 
any responsibility for any breach of confidence which may arise through the use of this medium.
Opinions, conclusions and other information in this message that do not relate to the official business of Big Picture Group shall be understood as neither given nor endorsed by it.
This footnote also confirms that this email message has been swept for the presence of known computer viruses.
This E-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they   
are addressed. If you have received this E-mail in error please notify us immediately 
and delete this E-mail from your system. Thank you.
It is possible for data transmitted by email to be deliberately or
accidentally corrupted or intercepted. For this reason, where the
communication is by E-mail, the Big Picture Group does not accept 
any responsibility for any breach of confidence which may arise through the use of 
this medium.
Opinions, conclusions and other information in this message that do not relate to the 
official business of Big Picture Group shall be understood as neither given nor 
endorsed by it.
This footnote also confirms that this email message has been swept for the presence of 
known computer viruses.

Reply via email to