[Dshield] nat

Freek de Kruijf f.de.kruijf at hetnet.nl
Tue Oct 26 16:17:46 GMT 2004


On Tuesday 26 October 2004 16:15, Moritz Gartenmeister wrote:
> hi
>
> i'm logging the traffic behind a nat router. so my logfiles always
> contains connections from a private ip (172.17.0.0/16) to whatever
> (excluding our private network) and vice-versa.
>
> iptables on linux 2.6 (debian testing)
>

Most likely you can use the perl script ipl.pl for SuSEfilewall2. See 
https://secure.dshield.org/linux_clients.php#suse. There is a somewhat 
hidden feature in the obfus parameter in /etc/dshield.cnf.
Specify this parameter as:
obfus=R:w.x.y.z where w.x.y.z is your global IP-address
The R means that the destination address, your private address, will be 
replaced by the address after the 'R:' .

-- 
fr.gr.

Freek de Kruijf




More information about the list mailing list