I am trying to configure a firewall, but nailing down the configuration
is eluding me. The box is running Debian stable.
Basically, I have a rackmount server with six network cards. eth0 is the
internal network, eth1 is a kiosk network, eth2 is a DMZ/wireless
network. On the outbound side, eth3 is a DSL connection and eth4 is a
cablemodem connection.
What I am trying to do is route all internal traffic out the DSL
connection (eth0 to eth3), and the two dmzs, kiosk and wireless out the
cable connection (eth1 and eth2 to eth4). Thus far as I have been unable
to get this to work.
For the sake of the discussion, the internal network is 10.1.1.0/24, the
kiosk is 172.16.1.0/24 and the dmz/wireless is 192.168.1.0/24. The dsl
line is 1.2.3.4 and the cable line is 9.8.7.6.
I added the following to rt_tables:
1 internal
2 kiosk
3 dmz
then created a script
ip rule add from 10.1.1.0/24 table internal
ip route add default via 1.2.3.4 dev eth3 table internal
ip rule add from 172.16.1.0/24 table kiosk
ip route add default via 9.8.7.6 dev eth4 table kiosk
ip rule add from 192.168.1.0/24 table dmz
ip route add default via 9.8.7.6 dev eth4 table dmz
When I run this script, it does not do what I expect, especially after
running the firewall rules atop it. I thought I had it nailed, but it
wasn''t working as expected, and I really couldn''t test very
well.
I''m hoping some kind soul on this list might have a few minutes for an
email exchange to help me get this sorted out. If so, please email me
off-list. I''m sure its probably something that I overlooked, but
I''m at
a loss as to what.
Regards,
--b
