Re: Shorewall & network/interfaces
On Wed, Nov 26, 2008 at 10:05:00AM +0200, Andrei Popescu wrote:
> On Tue,25.Nov.08, 19:54:30, Tom Allison wrote:
>
> >> Do they *need* to be on the same network?
> >>
> > They don't need to be on the same network, but I only have one for
> > now.
>
> It's better and simpler to have separate networks for internet and lan.
>
> > I originally tried to set this up against the ISP and it could not identify
> > any dhcp traffic and only rejected everything as being a martian.
> > Seriously broken?
> >
> > I'll have to go back and RTFM.
>
> Some time ago I posted a tutorial for masquerading with shorewall. Let's
> see... it's still there
>
> http://newbiedoc.berlios.de/wiki/Firewall_with_masquerading
I run shorwall between my dial-up modem and the rest of my net. I could
tar everything up and mail it if you like.
The difference will be that I don't have two NICs (since the internet is
a ppp link).
One thing that I didn't understand in the previous thread of this thread
:) is that the broadcast address on both NICs was the same. I think
that the netmask, broadcast, and network addresses need to be checked so
that everything knows that the two NICs are both separate networks.
Doug.
Reply to: