I have a question or 2 about NAt and linux.

I'm getting tired of using my big box as a firewall
and my desktop.

so, I am in process of setting up a smaller box to
handle the firewalling and NAT.

problem is, IP_MASQ isn't really a good NAt scheme
(as too many important ports are translated into the 61000
range). I would like to set up a NAT that works like
a true proxy (what is requested for inbound on port 
21 <internet> is translated to port 21 on the internal
gateway device and vice versa).

is there a way to do this that isn't complicated?

ipchains makes a good firewall, but as a transparent NAT, 
it sucks.

Hawke

-- 
Make a few extra $$$.
Join http://www.processtree.com/?sponsor=29027

For information about linux:
Caldera Openlinux: http://www.caldera.com
Debian Linux: http://www.debian.org
Slackware Linux: http://www.cdrom.com/titles/os/slackware.htm/
Redhat Linux: http://www.redhat.com
SuSe Linux: http://www.suse.com
Corel Linux: http://linux.corel.com

****** publications *****
Eric. S. Raymonds publications: 
   http://metalab.unc.edu/LDP/HOWTO/reading-list-HOWTO.html

Linux news, tips and links:
   http://gary.singleton.net/

Linux Guide: http://jgo.local.net/LinuxGuide/

Linux Documentation Project:
   http://metalab.unc.edu/linux/