Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: gateway can't see thru to "local" side
Operating Systems BSD gateway can't see thru to "local" side Post 302352897 by michealrp on Monday 14th of September 2009 03:02:53 AM
Old 09-14-2009
if I understand what you're trying to do, you have internet on your outside nic of 173.8.xxx and when it receives traffic destined for 10.10.xx it doesn't pass? If that's the case, it shouldn't. You will need to set up natd to monitor incoming connections and have a static nat setup in order for outside public ip traffic to route to the internal nic. If you monitor the traffic on the 10.10.xx nic with tcpdump, I'm pretty sure that you'll see the traffic coming in and out, however anything not local on the outside nic will get /dev/null'd at your outbound router since the 10.10.10 can't route outside of your network.

If I'm completely wrong here, and your firewall is active on that system, and running ipfw add an ipfw add ### allow ip from 173.8.xxx.xx/xx any to 10.10.10.xx/xx any and a return rule of ipfw add ### allow ip from 10.10.10.xx/xx any to 173.8.xxx.xx/xx any to correct it.
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Explain the line "mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`"

Hi Friends, Can any of you explain me about the below line of code? mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'` Im not able to understand, what exactly it is doing :confused: Any help would be useful for me. Lokesha (4 Replies)
Discussion started by: Lokesha
4 Replies

2. UNIX for Dummies Questions & Answers

Can you force local NTP server to be accepted as "suitable"?

Is there some way to force the NTP server on a brand-new install to be "suitable" to sync other servers from? (I'm more concerned with synchronization between machines, and less concerned with what the actual time they sync to is) For example, whenever I install fresh from the Fedora DVDs and... (0 Replies)
Discussion started by: jjinno
0 Replies

3. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

4. Shell Programming and Scripting

HPUX "bdf" , "%" align to right side.

Hi All, Need you help. I have HPUX “bdf” output, I need % to be align to right side. if you see there are long file systems lv so i cant do column formatting. Any idea or best way to align the "%" to be right side. /dev/emcvg02/lv01 52428800 29931 49123947 0% /abc/disco/iasbin... (7 Replies)
Discussion started by: ashanabey
7 Replies

5. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address and column 3 contains “cc” e-mail address to include with same email. Sample input file, email.txt Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies

6. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

7. Solaris

Ipadm showing "/?" in ADDROBJ on S11 local zone

Hi! I have a Solaris 11 local zone, everything is running fine, BUT, when I issue an "ipadm show-addr" from inside the local zone I get the following: root@xxxxxxx:/var/opt# ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? inherited ok 127.0.0.1/8... (2 Replies)
Discussion started by: rtmg
2 Replies

8. AIX

Apache 2.4 directory cannot display "Last modified" "Size" "Description"

Hi 2 all, i have had AIX 7.2 :/# /usr/IBMAHS/bin/apachectl -v Server version: Apache/2.4.12 (Unix) Server built: May 25 2015 04:58:27 :/#:/# /usr/IBMAHS/bin/apachectl -M Loaded Modules: core_module (static) so_module (static) http_module (static) mpm_worker_module (static) ... (3 Replies)
Discussion started by: penchev
3 Replies

LEARN ABOUT LINUX

ipfw

IPFW(4)                                                    BSD Kernel Interfaces Manual                                                    IPFW(4)

NAME

     ipfw -- IP packet filter and traffic accounting

SYNOPSIS

     To compile ipfw into the kernel, place the following option in the kernel configuration file:

           options IPFIREWALL

     Other kernel options related to ipfw which may also be useful are:

           options IPFIREWALL_DEFAULT_TO_ACCEPT
           options IPFIREWALL_FORWARD
           options IPFIREWALL_VERBOSE
           options IPFIREWALL_VERBOSE_LIMIT=100

     To load ipfw as a module at boot time, add the following line into the loader.conf(5) file:

           ipfw_load="YES"

DESCRIPTION

     The ipfw system facility allows filtering, redirecting, and other operations on IP packets travelling through network interfaces.

     The default behavior of ipfw is to block all incoming and outgoing traffic.  This behavior can be modified, to allow all traffic through the
     ipfw firewall by default, by enabling the IPFIREWALL_DEFAULT_TO_ACCEPT kernel option.  This option may be useful when configuring ipfw for
     the first time.  If the default ipfw behavior is to allow everything, it is easier to cope with firewall-tuning mistakes which may acciden-
     tally block all traffic.

     To enable logging of packets passing through ipfw, enable the IPFIREWALL_VERBOSE kernel option.  The IPFIREWALL_VERBOSE_LIMIT option will
     prevent syslogd(8) from flooding system logs or causing local Denial of Service.  This option may be set to the number of packets which will
     be logged on a per-entry basis before the entry is rate-limited.

     Policy routing and transparent forwarding features of ipfw can be enabled by IPFIREWALL_FORWARD kernel option.

     The user interface for ipfw is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of the
     ipfw capabilities and how to use it.

SEE ALSO

     setsockopt(2), divert(4), ip(4), ipfw(8), sysctl(8), syslogd(8), pfil(9)

BSD                                                              September 1, 2006                                                             BSD
All times are GMT -4. The time now is 12:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy