[Coldstuff] IP Masq / forwarding

Bruce Mitchener coldstuff@cold.org
Wed, 20 Feb 2002 13:05:31 -0700

Brandon Gillespie wrote:

> On Wed, Feb 20, 2002 at 11:19:31AM -0800, Jonathan Robertson wrote:
>>I am going to be toying around with the idea of using
>>ip masq and forwarding to hide my server behind
>>another firewall.  Has anyone else already done this?
>>Comments or suggestions from anyone?
> Please correct me if I'm wrong, but isn't linux's IP masquerading just
> PAT/NAT?  If so, its not really appropriate for a server (inbound) and
> was originally designed to hide a network behind a single IP address
> (outbound).  While you can manage inbound on a port by port basis to a
> server... why would you in this situation?  It would work, but you
> dont get much value and you do get more complexity...

Speaking for myself, I use NAT because I have a single IP at home and 
have 4 machines.  I run multiple Cold servers, multiple SSH servers, 
multiple web servers, and so on and need them all publicly accessible 
from the outside world.

NAT works just fine for that.

  - Bruce