Re: Shorewall & network/interfaces
On Tue, Nov 25, 2008 at 07:54:30PM -0500, Tom Allison wrote:
> Andrei Popescu wrote:
>> On Tue,25.Nov.08, 06:04:52, Tom Allison wrote:
>>> I too am trying to set-up Shorewall as a firewall box.
>>> And I ran into some peculiar problems that are related to shorewall
>>> and not related to shorewall.
>>>
>>> right now I'm trying to get the firewall interfaces to come up on the
>>> same network. So eth0 and eth1 are both on 192.168.1.0/24 with eth1
>>> being DHCP and eth0 being static (eth0 will be my LAN and eth1 will be
>>> my internet).
>> Do they *need* to be on the same network?
>
> They don't need to be on the same network, but I only have one for now.
Configuring one of your nics to, say 192.168.2.1, _creates_ that network,
so saying you "only have one" doesn't make sense to me. Maybe you mean that
you don't have another network wired? Get/build a cross-over ethernet cable,
connect a laptop to it, and there's your network.
Trying to get two interfaces on one network is not trivial. Unless you have
some specific need to do that, I'd recommend keeping it simple and having one
interface per network.
> I originally tried to set this up against the ISP and it could not
> identify any dhcp traffic and only rejected everything as being a
> martian. Seriously broken?
>
> I'll have to go back and RTFM.
Highly recommended!
Ken
--
Ken Irving
Reply to: