search for: shorewall_and_aliased_interfaces

List, I have a server Co-Located, it has multiple ip''s "6" and I was wondering if there was something I should look for before emplementing Shorewall. I have been using Shorewall on my lan/wan for some time now, just never with Virtual ip''s to the Intrernet! System is: WhiteBox 3.0 As I said in body 6 ips eth0,eth0:0 and so on . Any help is appreciated! Brian

i''ll need to have a virtal server, but why i can do this?

Hi. I have a Linux box with two network interfaces. The local interface has an alias so it can listen to two (completely) different subnets. I need to configure a Firewall and a DHCP server in the same machine. I have: eth0 > net eth1 > loc1 eth1:1 > loc2 If my DHCP server will use eth1 IP address (main IP address for that interface), How do I specify the ''dhcp'' option

Hello I''m new to the list. I installed a vserver (http://www.linux-vserver.org/) on my gentoo server As network interface is used an alias (eth1:0) eth1 is the card of my "loc" zone. eth1:0 has an address from the same subnet from the vserver I can connect to eth0 but not to the internet. From my local net everything works fine. I have an entry in "mask" for eth1

breakdown of what iam doing ok i have access to 6 ips and i want to run all of them through my firewall ifconfig eth0 209.159.32.162 netmask 255.255.255.0 up ifconfig eth0:1 209.159.32.163 netmask 255.255.255.0 up that sets up the network card to have 2 address well in shorewall i tried to add eth0:1 to my interfaces well it says that Determining Zones... Zones: inet inet2 loc cust vpn1

Hi Tom (and others) encase you don''t know my network already ;) here''s a quick run down eth0 lan 192.168.1.1/255.255.255.0 eth1 wan1 172.30.7.4/255.255.240.0 eth2 wan2 202.37.230.93/255.255.255.192 eth3 wan3 203.96.213.73/255.255.254.0 I''ve got routes and rules for all the above interfaces :) I want to add another one, however I fear this might cause some issues I have

...aving the office now so no time to continue. >If you are configuring eth0:1 using a tool included with >Mandrake/Fedora/Debian/Slackware/Gentoo/<whatever distribution you have >installed today> then you do not want ADD_IP_ALIASES=Yes in shorewall.conf. >See http://shorewall.net/Shorewall_and_Aliased_Interfaces.html for >additional information about configuring multiple addresses on an interface. I will read up on this tonight. Unfortunately I am leaving the office right now, but I have it replicated at home. But if I understand you correctly, if I leave the GUI network settings untouched, and leave...

I been running shorewall with out any problems for several months. But I''ve now run into a problem. Hopefully this will be enough information. I''m running shorewall version 1.4.8. On Fedora core 1. Coming into my location I have a T1. I have 5 internet routable IP''s. I''m currently using one as my default internet connection. My ISP''s router is

So I am trying to get a firewall up at work using Shorewall 2.2 / Mandrake RC 1, where we have multi-ips assigned to a single machine.... Now at one point I had Shorewall and Mandrake configured and it was working... this was our setup essentially (I''ll use 192.0.0.x as out external IP addresses) In ifconfig: eth0 192.0.0.202 nmask 255.255.255.248 eth0:1 192.0.0.203 nmask

Hi there, I''ve read Routing on One Interface, and Shorewall and Aliased Interfaces docs but I''m a little confused, and all my test attempts have mostly failed. Here is my setup: CentOS 4.2 ShoreWall 3.0.2 My server has a subnet 192.168.50.0/29 routed to it via 192.168.1.2. Currently 192.168.1.2 is setup on eth0. With no ShoreWall involved routing seems to work if I just setup

Because of the volume of questions recently regarding Shorewall and Virtual/Aliased Interfaces (e.g., eth0:0), I have written a document that discusses this issue. It may be found at: http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html The document is linked from the "Documentation Index" and from FAQ #18. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net

...am searching for a solution to do the following: I have an ISP from which Iam able to get several public IPs. Now I want to put several IPs on the interface eth0 (eth0, eth0:1 ...). I found out how to do this with dhcpcd. The problem now is that I do not know how to configure shorewall (I found the Shorewall_and_Aliased_Interfaces-Manual, but there every example is with fixed IPs). Now Iam asking, is this possible, or not? If the answer is yes, how I have to configure shorewall? Please also send a copy of your answer to muellega@ee.ethz.ch. Thanks Gabriel Mueller

Hello, My server is on Mandrake 10.1 off. eth0 is WAN with static IP connected 512 DSL eth1 is LAN. I have NAT working on 192.168.0.0. I want to feed a second subnet 192.168.21.0. What is the best way to implement it ? Thanks Varun

I forgot to include my masq file. It''s pretty straightforward: eth2 eth0 eth2 eth1 Cheers, Brian

Hi, I am having problem in getting my fw to connect to the net, I had set allow fw net in the policy. I suspect maybe shorewall having problem because I have 5 public IP alias to my fw, which is eth0, eth0:1-eth0:4. Because before I add more ip to this interface my fw able to connect to the net. How can I set one IP to be bind to this fw, or I had to change the rules from fw to fw:w.x.y.z? One

Hello Tom, I seem to be missing the big picture here.. can you shed some light? I have a three interface setup loc,dmz, net I have 4 global addresses that I want to attach to eth0 (net) address 1 - fw address address 2- I want to forward to a (loc)router that uses dynamic dns vpn (gre) (Yamaha router) address 3 - web server/Bind9 (dmz)forward port 80,443,53 address 4 - mail server (dmz)pop3,

Good Morning. Last week I posted a question about how to set up Shorewall Firewall to coexist with a DHCP server. I set up three zones and assigned two of them to the interfaces: net Zone is assigned to eth0 and loc Zone is to eth1. You said that I shouldn''t type any entries for loc2 Zone (assigned to eth1:1) since Shorewall can''t recognize an interface named eth1:1, but then

Hi all, I haven't found anything in Google about this. I'm creating a firewall router with Centos with few virtual IP using iptables. May I ask for your experience? Is there any pitfall or bad side of using virtual IP for this purpose? I'm using few virtual IP to accommodate few subnets that go through this firewall/router. Thank you. Fajar.

I''ll take this one next. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

I have attached the present system setup as requested. This is a Mandrake 10.1 system, and the /etc/shorewall files excerpted are exactly those setup when I requested the firewall with connectivity for web, dns, ssh and mail servers along with bittorrent services. However, on a restart, shorewall informed me that eth2:10 was invalid. I therefore manually removed all the aliased subsets for eth2