Re: non-masquerading firewall

On Thu, 29 Jan 2004 15:27:08 -0500 (EST), "FEEB" <spamtrap@chem.utoronto.ca> wrote:
>I have built a number of NAT systems in several countries, which use
>reserved IP addresses for their masqueraded networks (192.168.0.0/16,
>10.10.0.0/16, etc.). I am familiar with iptables.
>
>Now I would like to build a system that would just forward packets from
>eth0 to eth1. Both NICs would operate in the same IP block.
>That would give me an opportunity to filter out undesirables in both
>directions, while making all my machines visible from outside.
>
>I looked over HOWTOs and mini-HOWTOs, but they all deal with NAT systems,
>not just strict forwarding.
>
>Before I start reinventing the wheel, I would like to see some solutions
>already available in the public domain.
>Could anyone please point me to a source of info on this subject?
It seems to me that this is simpler than you think.
If you aren't doing NAT, then you just need ACCEPT or DROP rules. As for
forwarding, you leave that up to the Linux TCP/IP stack by setting the
/proc/sys/net/ipv4/ip_forward value to 1.
--
Lew Pitcher
IT Consultant, Enterprise Technology Solutions
Toronto Dominion Bank Financial Group
(Opinions expressed are my own, not my employers')
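As an added illustration of the reply above (not part of the original thread), a forward-only rule set: no NAT, just ACCEPT/DROP in the FORWARD chain plus ip_forward=1. The interface names, the inside block 192.0.2.0/24 and the two permitted services are constructed placeholders; routing between the two interfaces is assumed to be in place already.

```shell
#!/bin/sh
# Added example: stateful forwarding firewall with no masquerading.
# eth0 = outside, eth1 = inside (placeholders); 192.0.2.0/24 is a
# constructed example block standing in for the real public range.
OUTSIDE=eth0
INSIDE=eth1
INSIDE_NET=192.0.2.0/24

# Emit the rule set as text so it can be reviewed before it is applied.
# $1 is the iptables command to prefix each line with (default: iptables).
gen_rules() {
    ipt=${1:-iptables}
    cat <<EOF
$ipt -P FORWARD DROP
$ipt -F FORWARD
$ipt -A FORWARD -i $OUTSIDE -s $INSIDE_NET -j DROP
$ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$ipt -A FORWARD -i $INSIDE -o $OUTSIDE -s $INSIDE_NET -j ACCEPT
$ipt -A FORWARD -i $OUTSIDE -o $INSIDE -d $INSIDE_NET -p tcp --dport 80 -m state --state NEW -j ACCEPT
$ipt -A FORWARD -i $OUTSIDE -o $INSIDE -d $INSIDE_NET -p tcp --dport 25 -m state --state NEW -j ACCEPT
$ipt -A FORWARD -j LOG --log-prefix "FWD-DROP: "
EOF
}
# Rule 3 drops outside packets that spoof an inside source address.
# Rule 4 lets replies to permitted flows through; rule 5 lets the inside
# machines out; rules 6-7 are the only inbound services reachable from
# outside. Everything else is logged and then hits the DROP policy, so
# the inside machines stay visible (no NAT) but are filtered both ways.

# Apply the rules and turn on forwarding in the kernel (needs root).
apply_rules() {
    gen_rules iptables | sh
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

# Usage: run "gen_rules" to review, then "apply_rules" as root to install.
```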