iptables? issue

[jdow]

On 2012/02/14 12:40, Joe Zeff wrote:
> On 02/14/2012 12:30 PM, jdow wrote:
>> Hm, would you not want to run a router daemon if you want to use a machine
>> as a router/gateway?
>
> I'd expect so. In that case, of course, you'd say that it was acting as the
> router for W.X.Y.Z/NN, but most of the time you wouldn't express its own IP that
> way. See the distinction I'm making?

I was reading this thread and when I hit nullv's message the coin dropped
about routers if he wants to use one of his Internet addresses as a
gateway for the internal network. If he wants access to his 10.x.y.z
network, though, that db0 machine will have to come in through one of
his computers using port forwarding, not necessarily NAT. And if he wants
db0 to be exposed on the Internet he'd have to play the aliasing tricks.
It's not clear to me just what he was trying to do. Using one of his
machines as a router/gateway/firewall makes a lot of sense from a security
standpoint. For the 10.x.y.z he'd want to use NAT, though. That would hide
the db0 machine from the Internet quite nicely while other machines showed
cleanly.

{^_^}