probably a (trabsparent) bridging firewall is better in
your place. unfortunately this is not possible with shorewall if i
remember the docs correctly
cya
Holger Brueckner
net-labs Systemhaus GmbH
On Wed, 2003-11-19 at 11:05, fanabe@tin.it wrote:> Hi all,
>
> I have installed a firewall server with 2 nic:
>
> eth0 = 192.168.0.253 (private)
> eth1 = 192.168.0.254 (public)
>
> The subnetwork for the LAN is 192.168.0.0/24.
> The default gateway for all hosts in the subnetwork is IP of eth0.
> Eth1 is connect with cross cable to router Cisco 800 with private ip
192.168.0.1.
> I can''t change the IP private of router because I don''t
have the password
> and I prefer don''t change to ip of subnetwork because I have many
wireless
> systems in the network.
> I would like to know if is possible to set shorewall for work in this
configuration.
> >From a generic host in the subnetwork, if i try to ping 192.168.0.1 (ip
> router) i see the error "Destination Unreachable" because the
packet going
> in of eht0 and outgoing from eth0, the packet is not forwarding to eth1.
>
> >From the /var/log/messages I see that the packet IN=eth0 OUT=eth0
>
> I understand that situation is not good but exist a mechanism for resolve
> this situation ?
>
> Thankin in advance and sorry for my english.
>
> Giuliano.
>
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm