Re: Firewall to two networks
On 22 Aug 2002 at 12:01, Vince Mulhollon wrote:
> Here's the important part:
> Post your /sbin/route -n from the firewall itself.
> Also post your ifconfig from the firewall.
Dear Vince and others: I've had no response to posting those on the
list but have slept on the problem and maybe understand more now.
If anyone can find time to comment on these thoughts and my posting
of the route and ifconfig information on the list last night, I'd
hugely appreciate it as I'm still unconfident that I understand and
the Linux firewall HOWTO seems to say I should be able to ping to and
from those cards.
Currently I can't ping out from the inward facing cards on the future
firewall to a numeric address on the same hub. Sleeping on it makes
me realise this may be because the address I'm pinging isn't on the
same subnet and I now have no gateway for those cards or they'll pick
the gateway facing the ADSL router (which fits with being able to
ping successfully through that!).
What about not being able to ping _to_ those cards' numeric addresses
either? Again I guess that's because they'll be on a different
subnet from the machine I'm trying to ping from so that machine will
try to ping them through its own gateway which is the ADSL router?
Aha... but if I add itself as gateway to the internally facing
card's interfaces entry, no change; ditto if I give its address as
gateway to the machine I'm pinging from. Clearly I still don't
understand the basics of subnets, broadcasts, networks and gateways
and I want to understand this before I go the next step to an initial
iptables set of rules from fwbuilder.
Help please? TIA,
Chris
PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling
and Therapeutic Communities; practice, research,
teaching and consultancy.
Chris Evans & Jo-anne Carlyle
http://psyctc.org/ Email: chris@psyctc.org
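
[Added example, not part of the original message or thread.] The subnet and gateway reasoning in the message above can be checked with a small model of a route lookup: a destination inside a connected network is delivered directly, and anything else goes to the default gateway. All addresses, interface names and the `next_hop` helper are constructed for illustration and are not the poster's configuration.

```python
import ipaddress

# Constructed addressing (assumption): a firewall with one card facing the
# ADSL router and one inward-facing card, plus a LAN host on the same hub.
FIREWALL = {
    "eth0": ipaddress.ip_interface("192.168.1.2/24"),  # faces the ADSL router
    "eth1": ipaddress.ip_interface("10.0.1.1/24"),     # inward-facing card
}
LAN_HOST = {"eth0": ipaddress.ip_interface("192.168.1.50/24")}
ADSL_ROUTER = ipaddress.ip_address("192.168.1.1")      # default gateway


def next_hop(ifaces, default_gw, dest):
    """Model a simple route lookup: connected networks first (longest
    prefix wins), otherwise the default gateway. Returns
    (interface, next_hop_address) or (None, None) if unreachable."""
    dest = ipaddress.ip_address(dest)
    on_link = [(n, i) for n, i in ifaces.items() if dest in i.network]
    if on_link:
        name, _ = max(on_link, key=lambda m: m[1].network.prefixlen)
        return name, dest          # same subnet: deliver to dest directly
    if default_gw is not None:
        # A gateway is only usable if it is itself on a connected network.
        for name, i in ifaces.items():
            if default_gw in i.network:
                return name, default_gw
    return None, None              # "Network is unreachable"


def demo():
    """Return the lookups that match the cases described in the message."""
    return {
        # Firewall -> host in the inward card's own subnet: direct via eth1.
        "fw_same_subnet": next_hop(FIREWALL, ADSL_ROUTER, "10.0.1.50"),
        # Firewall -> host on the same hub but in another subnet: the packet
        # leaves towards the ADSL router, not out of the inward card.
        "fw_other_subnet": next_hop(FIREWALL, ADSL_ROUTER, "10.0.2.50"),
        # LAN host -> inward card address: also sent to the ADSL router.
        "host_to_inward_card": next_hop(LAN_HOST, ADSL_ROUTER, "10.0.1.1"),
        # Inward card alone with no gateway: nowhere to send it.
        "no_gateway": next_hop({"eth1": FIREWALL["eth1"]}, None, "10.0.2.50"),
    }


if __name__ == "__main__":
    for case, (iface, hop) in demo().items():
        print(f"{case:22} via {iface} next hop {hop}")
```

Comparing these results with the real `/sbin/route -n` output on each machine shows which interface and gateway a ping will actually use.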