Firewall Wizards mailing list archives

Non-NAT Firewall

From: Nathaniel Hall <nathaniel.d.hall () gmail com>
Date: Sun, 06 Nov 2005 18:28:03 -0600

Alright, this is a bit tough to explain, so I will try my best.

I am currently running a CheckPoint-NG firewall with three interfaces. 
Interface 1 goes to DMZ 1 (public IP addressing and Internet facing),
interface 2 goes to DMZ 2 (public IP addressing) and interface 3 goes to
the internal network (private IP addressing).  The CheckPoint FW does
not peform NAT.  That allows me to review logs of servers in DMZ 1
without having to figure out what internal IP as NATed.

Now, for my problem.  I would like to be able to have the same
functionality using NetFilter, but I have not been able to figure out
how to do this without masquerading or using DNAT and SNAT.  Any ideas?

-- 
Nathaniel Hall, GSEC GCIA

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Non-NAT Firewall Nathaniel Hall (Nov 10)
- Re: Non-NAT Firewall Devdas Bhagat (Nov 17)
- RE: Non-NAT Firewall Paul Melson (Nov 17)
- Re: Non-NAT Firewall Sigurd Urdahl (Nov 17)
  - Re: Non-NAT Firewall Nathaniel Hall (Nov 17)
  - Re: Non-NAT Firewall R. DuFresne (Nov 22)