On Wed, 24 Jan 1996, Bruce Murphy wrote:
> In message <Pine .
3 .
89 .
9601221631 .
A25783-0100000 @
lvp .
lvp .
nl>,
> Eddie Penninkhof wrote:
> > I'd like to be able to access an host that is located 'inside' a firewall
> > from outside the firewall. The host has a private IP-number (and is accessed
> > by many IP-'clients' inside the private net, so changing the number to a
> > registered number is definitely not preferred).
> > My preferred solution is to install an 'IP number-translator' on the firewall
>
> If someone hasn't already suggested the Linux ip-forwarding stuff to
> you I'd be surprised. While being all very nice and working quite
> well, I found (about two months ago) that it had a rather fatal flaw
> of not retransmitting ICMP packets.
>
> The packets I *really* needed were time exceeded during reassembly
> ones. Not being able to ping a machine for example. Traceroute
> woudln't work.
Question: Did you also install icmpinfo???
Later,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
Follow-Ups:
References:
|
|
