[Techtalk] Firewall DMZ Question

James james at james-web.net
Mon Oct 29 08:46:21 EST 2001

I have a full Class C, which I've divided into 8 subnets (4 going to be
used).  I want to have an iptables firewall sitting on the network directing
traffic.  I do not need to masquerading done on this firewall.  I merely
want it to direct traffic between DMZs (Pub #1 = internet;  DMZ #1 =
Internet Servers for www, mail, DNS; DMZ #2 = Network with NAT/Proxy FW
server to private network, which I know how to do; DMZ #3 otherstuff....).

Now how do I setup the routing for this?

Do I have to make entries into the routing table using the route command for

Or will an iptables rule suffice?  Like this one...
53 -j DNAT --to-destination $DMZ_DNS_IP

The tutorial seems to say I'd need to alias the IP on the firewall's public
facing NIC, but doesn't specify how (just add an eth0:1, eth0:2, eth0:3,

This tutorial has RFC1918 IPs for the DMZ servers, but substituting real IPs
in should work, right?

I mostly understand the concepts of firewalls and packet filtering, I just
am confused on this one specific :)

- James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxchix.org/pipermail/techtalk/attachments/20011029/d99586d2/attachment.xhtml

More information about the Techtalk mailing list