First of all I would like to say that I find shorewall really userfriendly, and I like that =) It was easy to install and pretty easy to configure for a not-so-experienced linux user like myself. I have one question though: I''m using a DSL connection, and I would like to use the "norfc1918" option on the net interface. The problem is that my ISP''s ip to the login server is 10.0.0.6, and dns servers are 10.0.0.1, 10.0.0.2. This means I can''t reach them with "norfc1918" enabled. What''s the best way to solve this problem? Is it to put rules in the shorewall/start file like this: run_iptables -I rfc1918 -s 10.0.0.1 -j ACCEPT (+ the other 2 ip''s) ? Thanks /Ola J
--On Tuesday, November 12, 2002 6:35 PM +0100 Ola J=F6nsson <ola@alien.se>=20 wrote:> First of all I would like to say that I find shorewall really > userfriendly, and I like that =3D) It was easy to install and pretty easy > to configure for a not-so-experienced linux user like myself. > > I have one question though: > I''m using a DSL connection, and I would like to use the "norfc1918" > option on the net interface. The problem is that my ISP''s ip to the login > server is 10.0.0.6, and dns servers are 10.0.0.1, 10.0.0.2. This means I > can''t reach them with "norfc1918" enabled. > What''s the best way to solve this problem? Is it to put rules in the > shorewall/start file like this: run_iptables -I rfc1918 -s 10.0.0.1 -j > ACCEPT (+ the other 2 ip''s) ?Simply edit the /etc/shorewall/rfc1918 file to pass traffic from these=20 hosts. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net
--On Tuesday, November 12, 2002 9:40 AM -0800 Tom Eastep <teastep@shorewall.net> wrote:> > Simply edit the /etc/shorewall/rfc1918 file to pass traffic from these > hosts. >See http://shorewall.sf.net/FAQ.htm#faq14 for details. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net