Re: Setting up firewall on 2 interface within same subnet?
>>>>> "Jason" == Jason Chan <MIS Dept.> <firstname.lastname@example.org> writes:
Jason> Hi all, I have a few things to clarify on configuring
Jason> firewall on the same subnet.
Jason> I have 2 interfaces on this Linux-Box. Which I am trying to
Jason> configure the same interface on the same subnet. Is it
Jason> possible? Do I need to segment them on 2 diff subnet? pls
Jason> explain if there is no possibilities to install a firewall
Jason> with 2 interfaces on the same subnet (shown below).
You should be able to do this with arp and a couple of host routes:
# Setting up arp tables for your internal hosts
# (eth0=external NIC, eth1=internal NIC)
arp -i eth0 -Ds 126.96.36.199 eth1 pub
arp -i eth0 -Ds 188.8.131.52 eth1 pub
route add -host 184.108.40.206 dev eth1
route add -host 220.127.116.11 dev eth1
# Setting up arp table for hosts on the same segment, but outside the fw
# else the internal hosts wouldn't be able to see them.
arp -i eth1 -Ds 18.104.22.168 eth0 pub
arp -i eth1 -Ds 22.214.171.124 eth0 pub
arp -i eth1 -Ds 126.96.36.199 eth0 pub
.... and so on
Default gw at your internal hosts should be the IP at the external
NIC at your fw (188.8.131.52)
Default gw at your fw should be 184.108.40.206
Regards, Claus Albøge
% rm -f *;o
% command not found: o
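
The layout described in the reply above, as an added example that is not part of the original post: a dry-run generator that prints the same `arp`/`route` command forms for a list of inside and outside hosts, and refuses malformed addresses or a host listed on both sides. The function names and the 192.0.2.0/24 sample addresses are assumptions made for illustration; `eth0`/`eth1` follow the post.

```shell
#!/bin/sh
# Dry-run generator for the proxy-ARP layout in the post: it only prints the
# arp/route commands, so the output can be reviewed before anything is run.
# All addresses are constructed samples from 192.0.2.0/24 (documentation range).

EXT_IF=eth0   # external NIC (router and unprotected hosts), as in the post
INT_IF=eth1   # internal NIC (protected hosts), as in the post

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    echo "$1" | awk -F. '
        NF == 4 { for (i = 1; i <= 4; i++) { if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
                  exit 0 }
        { exit 1 }'
}

# gen_rules "INSIDE HOSTS" "OUTSIDE HOSTS": print the commands, or fail
# without printing any if an address is malformed or listed on both sides.
gen_rules() {
    for ip in $1 $2; do
        valid_ipv4 "$ip" || { echo "invalid address: $ip" >&2; return 1; }
    done
    for in_ip in $1; do
        for out_ip in $2; do
            if [ "$in_ip" = "$out_ip" ]; then
                echo "listed on both sides: $in_ip" >&2; return 1
            fi
        done
    done
    for ip in $1; do
        # Publish the inside host on the external wire, then pin its route
        # to the internal NIC so the firewall does not ARP for it on eth0.
        echo "arp -i $EXT_IF -Ds $ip $INT_IF pub"
        echo "route add -host $ip dev $INT_IF"
    done
    for ip in $2; do
        # Publish each outside host on the internal wire so inside hosts
        # can still resolve it; no host route is added, matching the post.
        echo "arp -i $INT_IF -Ds $ip $EXT_IF pub"
    done
}

# Constructed sample: two protected hosts, a router and one outside server.
gen_rules "192.0.2.10 192.0.2.11" "192.0.2.1 192.0.2.20"
```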