Re: Setting up firewall on 2 interface within same subnet?
>>>>> ""Jason" == "Jason Chan <MIS Dept.>" <firstname.lastname@example.org> writes:
"Jason> Hi all, I have a few things to clarify on configuring
"Jason> firewall on the same subnet.
"Jason> I have 2 interface on this Linux-Box. Which I am trying to
"Jason> configure the same interface on the same subnet. Is it
"Jason> possible? Do i need to segment them on 2 diff subnet? pls
"Jason> explain if there is no possibilities to install a firewall
"Jason> with 2 interfaces on the same subnet(shown below).
You should be able to do this with arp and a coulpe of hostroutes:
# Setting up arp tables for your internal hosts
# (eth0=external NIC, eth1=internal NIC)
arp -i eth0 -Ds 220.127.116.11 eth1 pub
arp -i eth0 -Ds 18.104.22.168 eth1 pub
route add -host 22.214.171.124 dev eth1
route add -host 126.96.36.199 dev eth1
# Setting up arp table for hosts on the same segment, but outside the fw
# else the internal hosts wouldn't be able to see them.
arp -i eth1 -Ds 188.8.131.52 eth0 pub
arp -i eth1 -Ds 184.108.40.206 eth0 pub
arp -i eth1 -Ds 220.127.116.11 eth0 pub
.... and so on
Default gw at your internal hosts should be the IP at the external
NIC at your fw (18.104.22.168)
Default gw at your fw should be 22.214.171.124
Mvh Claus Albøge
% rm -f *;o
% command not found: o