Re: IPsec and IPMasq/Proxy

2000-10-01 Thread George Bonser
> > The "ip neigh {add|del|change|replace} ..." sequence? Yeah. Look in /usr/share/doc/iproute and print off one of the cref (command reference) docs (note the .ps file wants A4 paper) > > > Problem is that it burns another external IP address. > > Um... not good. Well, yeah. That is the thin

Re: IPsec and IPMasq/Proxy

2000-10-01 Thread Phil Brutsche
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A long time ago, in a galaxy far, far away, someone said... > > The problem is, as I said before, kernel 2.2 doesn't like to do NAT on IP > > protocols other than TCP and UDP. > > Almost true. Using the iproute2 tools, you can do a static NAT of an >

Re: IPsec and IPMasq/Proxy

2000-10-01 Thread George Bonser
> The problem is, as I said before, kernel 2.2 doesn't like to do NAT on IP > protocols other than TCP and UDP. Almost true. Using the iproute2 tools, you can do a static NAT of an inside box to outside. You can then use standard packet filter firewall rules to block various ports you don't want a

Re: IPsec and IPMasq/Proxy

2000-10-01 Thread Phil Brutsche
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A long time ago, in a galaxy far, far away, someone said... > I ran into some trouble using a Debian box as an IP Masq gateway (also > running Squid) to a network which uses a VPN box employing IPsec. The > ISP's tech support said that GNU/Linux was i

Re: IPsec and IPMasq/Proxy

2000-10-01 Thread Mark Brown
On Sun, Oct 01, 2000 at 12:49:12PM -0400, Randy Edwards wrote: > I ran into some trouble using a Debian box as an IP Masq gateway (also > running Squid) to a network which uses a VPN box employing IPsec. The > ISP's tech support said that GNU/Linux was incapable of doing NAT properly > with IPsec

IPsec and IPMasq/Proxy

2000-10-01 Thread Randy Edwards
I ran into some trouble using a Debian box as an IP Masq gateway (also running Squid) to a network which uses a VPN box employing IPsec. The ISP's tech support said that GNU/Linux was incapable of doing NAT properly with IPsec and that I'd have to kill the NAT and proxy to make things work. I hav