[Firehol-support] Masquerading happening on simple router?

Carlos Rodrigues carlos.efr at mail.telepac.pt
Fri Oct 14 13:12:24 BST 2005


I have the following definitions in my firehol.conf:

router world-to-dmz \
         inface ${world_iface} outface ${dmz_iface}
         protection strong

         route all accept

router dmz-to-world \
         inface ${dmz_iface} outface ${world_iface}
         protection strong

         route all accept

As can be seen, there is no masquerading configured between "world" and 
"dmz". However, machines in the DMZ (which have public addresses) see 
all connections from the internet as coming from the firewall. Outside 
machines with incoming connections from machines in the DMZ also show 
the same thing.

I have both interfaces "world" and "dmz" with the same IP address, 
configured with proxy-arp, but that shouldn't be the cause of this, AFAIK.

Has anyone got any idea what's happening here?


Carlos Rodrigues

More information about the Firehol-support mailing list