IP Masquerading: Can the source address be set somehow?

Christoph Lameter (christoph@lameter.com)
Wed, 11 Mar 1998 07:12:19 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mr LEROY christophe: "Re: Sporadious hang on 2.0.3[0,1,2,3,4pre2]"
Previous message: Marc RIESS: "Re: ulimit"

I run a Linux Router/Firewall (One T1/Frame Relay, 2x 100BT, 2x 10 BT)
for our Campus (very much superior to any commercial router I have seen
<G>, especially since you can run a Webcache and DNS cache on the
firewall).

Anyways the T1 interface has an IP (38.x.x.x) assigned by our ISP which is
not part of our Class C Networks. I do masquerading on the Router and the
router masquerades connections as coming from the Frame Relay Interface
38.x.x.x. Some Companies do authentication by reverse lookup of the
orignating IP and this will fail. I was able to reconfigure the webcache -
squid - to make requests originate from one of our Class C networks. So
our web-requests (which I redirect using transparent proxying to the
webcache) now have a source address that is clearly part of our Class
C networks and the authentication by source IP works.

But this is not working for FTP, TELNET etc etc.

How can I fix the kernel masquerading to not use 38.x.x.x as the source
address for masquerading but instead another IP address on the
router that is part of our Class C networks?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Mr LEROY christophe: "Re: Sporadious hang on 2.0.3[0,1,2,3,4pre2]"
Previous message: Marc RIESS: "Re: ulimit"