Dynamic NAT using Linux
whenever
whatever at whoever.net
Tue Jun 5 12:02:48 PDT 2001
Thank you, I took a look at it, it does static mapping, ie. 1.2.3.0/24 --to 3.4.5.0/24. I wounder if it's a port from bsd's ipfilter, bsd's ipfilter does dynamic mapping with block-in(if I remember right) if you need to lock onto the ip for some softwares. If netmap module does 1.2.3.0/16 --to 3.4.5.0/24 would be nice. Did anyone do performance test between bsd and linux as a fw? have any numbers flying around? speed differance with stateful and stateless?
Thanks again Myles.
On Tue, Jun 05, 2001 at 06:50:22AM -0700, Myles Uyema wrote:
>
>
> In the current netfilter cvs ( see http://netfilter.samba.org/ ) there
> exists a NETMAP module which describes itself as doing this "just like
> cisco PIX". It's an additional patch to the kernel sources, but I've
> compiled it just fine as a module. Of course, I can't really use it on
> my @home cablemodem, since I have just 1 IP address.
>
> It might even be included the 1.2.2 release of iptables...check it out.
> http://netfilter.samba.org/
>
> On Tue, 5 Jun 2001, whenever wrote:
>
> >
> > Hi people,
> > Does anyone know if there are any package/modules that does dynamic NAT on linux? let's say I have 1,000 users are logon with private ips, then translate any given ip to one of the 100 routerable(real) ip when needed, and drop it off the NAT table when that person is done. something like the NAT function in the cisco router/pix firwall, thanks.
> >
>
>
> ---
> You are currently subscribed to luau as: whatever at whoever.net
> To unsubscribe send a blank email to $subst('Email.Unsub')
More information about the LUAU
mailing list