28 Oct
2004
28 Oct
'04
11:25 a.m.
On Thu, 2004-10-28 at 09:22, Phil Moors wrote:
What is the right way to use a virtual ip address (alias) bound to an outside interface and forward traffic to a host in the private network? I can get the Plug to work with the eth3 address, but not with the eth3:1 address.
You don't have to "tproxy-ing" a traffic like that. You should just put an ACCEPT rule on the right place, then you can put your listener on the desired IP (on the IP of eth3:1 in this case). However, you can "tproxy-ing" this traffic, but the packet will appear on the primary IP of the interface, so the listener should listen on that IP. Or you can use the '--on-ip' parameter of the TPROXY target. MCS