I have tried this myself. It seems that iptables doesn't yet have that capability (at least as far as I have discovered). The only OS/firewall I know of that can is the PF for OpenBSD.

Mind you, this is just a thought, but perhaps iptables might need to be redesigned with this capability in mind.

Technomage Hawke

On Saturday 08 January 2005 10:57, George Toft wrote:
> I have a problem and am wondering how the brightest Linux brains of
> Phoenix would solve it.
>
> Problem:
> A certain web site that my family enjoys will not allow multiple
> computers from the same IP address to use the site at the same time. I
> currently have a Linux firewall with 2 NICs - one for the Internet and
> one for my LAN running NAT so all of my systems have the same public IP
> address.
>
> Qwest allows me 4 IP addresses, and I would like to take advantage of
> them so we can have more than one computer at the site at one time.
>
>
> Problem Statement:
> Build a firewall that:
> 1. Allows each computer on the LAN to send traffic out a different IP
> address on the Internet side of the firewall.
> 2. Filters all outgoing traffic through DansGuardian/squid.
>
> Essentially, each computer in the house would appear to have its own NAT
> firewall, and I don't want to actually deploy 3 more hardware firewalls.
>
>
> Random thoughts so far:
> 1. Set up box with 4 copies of VMware running - each with a copy of the
> existing firewall.
>
> 2. Set up usermode Linux and have each one run a firewall & proxy. I'm
> pretty fuzzy on this stuff.
>
> 3. Bind multiple IPs to each NIC, and attempt to set up the iptables
> script from hell.
>
>
>
> Any input/suggestions/advice would be appreciated.

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss