David Sedeño Fernández wrote:> Hi, > > I have a bridge firewall already working with 2 eth. I need to set up a > another eth to do NAT like http://www.shorewall.net/images/bridge2.png > > The question is (using the same notation as the image), I need to put a > 192.168.0.2.X in the eth1 and act as the bridged part (not use Nat). It > is possible ?I''m sorry -- I don''t understand your question. If you are asking if you can reverse the roles of eth2 and eth1, the answer is of course "Yes". -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
David Sedeño Fernández wrote:> Sorry for not be so clear. The problem is that I need to have a > 192.0.2.150/24 machine in eth1 lan part and act as it was in eth2 lan > part (bridging it and not nating it).I think what you''re looking for is Proxy-ARP. See the docs... A.
Hi, I have a bridge firewall already working with 2 eth. I need to set up a another eth to do NAT like http://www.shorewall.net/images/bridge2.png The question is (using the same notation as the image), I need to put a 192.168.0.2.X in the eth1 and act as the bridged part (not use Nat). It is possible ? Thanks in advance. PS : I''m not subscribe to the list. Please reply to my address. David Sedeño
El mar, 08-02-2005 a las 08:57 -0800, Tom Eastep escribió:> Copy of post sent to shorewall-users@lists.shorewall.net: > > David Sedeño Fernández wrote: > > Hi, > > > > I have a bridge firewall already working with 2 eth. I need to set up a > > another eth to do NAT like http://www.shorewall.net/images/bridge2.png > > > > The question is (using the same notation as the image), I need to put a > > 192.168.0.2.X in the eth1 and act as the bridged part (not use Nat). It > > is possible ? > > I''m sorry -- I don''t understand your question. If you are asking if you > can reverse the roles of eth2 and eth1, the answer is of course "Yes". > > -TomSorry for not be so clear. The problem is that I need to have a 192.0.2.150/24 machine in eth1 lan part and act as it was in eth2 lan part (bridging it and not nating it). Thanks David
El mar, 08-02-2005 a las 18:27 -0500, David Sedeño Fernández escribió:> Sorry for not be so clear. The problem is that I need to have a > 192.0.2.150/24 machine in eth1 lan part and act as it was in eth2 lan > part (bridging it and not nating it).I will try it doing the three interfaces bridged and doing source nat for the needed ips. David