On Thursday 21 March 2002 11:40 pm, Ben Bargabus wrote: > > http://www.linuxdoc.org/HOWTO/mini/Bridge+Firewall+DSL.html > > I read through this document and it appears that this system would > require me to have valid ip addresses for the internet on each of the > machines on my LAN. That's not the case, they have 10.0.0.x addresses > with the exception of the few machines I want to fun server > functionality on. What I'd like to do is give everyone on my LAN a > 10.0.0.x address so that I can properly broadcast to them but then on > the router/proxy machine redirect anything inbound for a specific > internet ip (say 64.122.70.118) to one of my 10.0.0.x internal addresses > (say 10.0.0.32). All of the standard desktop machines would just use > normal masquerading to comunicate with the internet. Is what I'm trying > to do not possible? Absolutely. I've done it for my home network, using ipchains, and the 192.168.0.n Class C addresses. First step is to set up the IP address for the machine that's going to function as a router; then add a virtual IP of, say, 10.0.0.1 (webmin's my tool of choice); then follow the step-by-step directions at http://www.mandrakeuser.org/docs/connect/cipc.html, and add your choice of (ipchains, in my case) rules to pass along what you want to where you want (one simple way is with pmfirewall, which is what I use) and block everything else. -- ------------------------------------- There's a widow in sleepy Chester Who weeps for her only son; There's a grave on the Pabeng River, A grave that the Burmans shun, And there's Subadar Prag Tewarri Who tells how the work was done. -------------------------------------