[Firehol-support] Masquerading happening on simple router?

Carlos Rodrigues carlos.efr at mail.telepac.pt
Fri Oct 14 14:12:24 CEST 2005


Hi!

I have the following definitions in my firehol.conf:


router world-to-dmz \
         inface ${world_iface} outface ${dmz_iface}
         protection strong

         route all accept


router dmz-to-world \
         inface ${dmz_iface} outface ${world_iface}
         protection strong

         route all accept


As can be seen, there is no masquerading configured between "world" and 
"dmz". However, machines in the DMZ (which have public addresses) see 
all connections from the internet as coming from the firewall. Outside 
machines with incoming connections from machines in the DMZ also show 
the same thing.

I have both interfaces "world" and "dmz" with the same IP address, 
configured with proxy-arp, but that shouldn't be the cause of this, AFAIK.

Has anyone got any idea what's happening here?

Thanks

Carlos Rodrigues




More information about the Firehol-support mailing list