[zorp] Virtual IP PlugProxy

Major Csaba zorp@lists.balabit.hu
Thu, 28 Oct 2004 11:25:51 +0200

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2004-10-28 at 09:22, Phil Moors wrote:
> What is the right way to use a virtual ip address (alias) bound to an
> outside interface and forward traffic to a host in the private network? I
> can get the Plug to work with the eth3 address, but not with the eth3:1
> address.

 You don't have to "tproxy-ing" a traffic like that. You should just put
an ACCEPT rule on the right place, then you can put your listener on the
desired IP (on the IP of eth3:1 in this case).=20
 However, you can "tproxy-ing" this traffic, but the packet will appear
on the primary IP of the interface, so the listener should listen on
that IP. Or you can use the '--on-ip' parameter of the TPROXY target.


Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.2.4 (GNU/Linux)