My Internet gateway is using ADSL PPPoE connection with dynamic public IP assigned by ISP. My Internet gateway is Redhat AS3 U2, shorewall 2.0.9 As my ISP provided 4 simultaneous pppoe dailup connection for the same physical adsl line. My linux server can be configured for multiple pppoe connection i.e. ppp0, ppp1, ppp2, ppp3 Is it possible of shorewall to assigned say ppp0''s IP is assigned to local 192.168.100.10 ppp1''s IP is assigned to local 192.168.100.11 ppp2''s IP is assigned to local 192.168.100.12 ppp3''s IP is assigned to local 192.168.100.13
Adrian Mak wrote:> My Internet gateway is using ADSL PPPoE connection with dynamic public > IP assigned by ISP. My Internet gateway is Redhat AS3 U2, shorewall > 2.0.9 > > As my ISP provided 4 simultaneous pppoe dailup connection for the same > physical adsl line. My linux server can be configured for multiple > pppoe connection i.e. ppp0, ppp1, ppp2, ppp3 > > Is it possible of shorewall to assigned say > ppp0''s IP is assigned to local 192.168.100.10 > ppp1''s IP is assigned to local 192.168.100.11 > ppp2''s IP is assigned to local 192.168.100.12 > ppp3''s IP is assigned to local 192.168.100.13 > _______________________________________________I don''t understand your question -- Shorewall has nothing to do with the assignment of IP addresses to interfaces. If you don''t really care which traffic is allowed on which interface though, you can simply use "ppp+" as the interface name in /etc/shorewall/interfaces: #ZONE INTERFACE BROADCAST OPTIONS net ppp+ - ... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Let me describe my scenario My adsl connection provided by ISP allow 4 simultaneous login (i.e. the adsl modem has four lan ports, which allow 4 PCs connected to and using pppoe to dialup) I use my linux server to dialup four times to get four ip address i.e. #adsl-start and get e.g. 1.1.1.2 of ppp0 #adsl-start and get e.g. 1.1.1.20 of ppp1 #adsl-start and get e.g. 1.1.1.15 of ppp2 #adsl-start and get e.g. 1.1.1.30 of ppp3 now, the linux server has four ppp connections Then I want for example UserA using 1.1.1.2 to access the Internet USerB using 1.1.1.15 to access the Internet UserB using 1.1.1.20 to access the Internet 1.1.1.30 for others On Mon, 31 Jan 2005 06:49:40 -0800, Tom Eastep <teastep@shorewall.net> wrote:> Adrian Mak wrote: > > My Internet gateway is using ADSL PPPoE connection with dynamic public > > IP assigned by ISP. My Internet gateway is Redhat AS3 U2, shorewall > > 2.0.9 > > > > As my ISP provided 4 simultaneous pppoe dailup connection for the same > > physical adsl line. My linux server can be configured for multiple > > pppoe connection i.e. ppp0, ppp1, ppp2, ppp3 > > > > Is it possible of shorewall to assigned say > > ppp0''s IP is assigned to local 192.168.100.10 > > ppp1''s IP is assigned to local 192.168.100.11 > > ppp2''s IP is assigned to local 192.168.100.12 > > ppp3''s IP is assigned to local 192.168.100.13 > > _______________________________________________ > > I don''t understand your question -- Shorewall has nothing to do with the > assignment of IP addresses to interfaces. If you don''t really care which > traffic is allowed on which interface though, you can simply use "ppp+" > as the interface name in /etc/shorewall/interfaces: > > #ZONE INTERFACE BROADCAST OPTIONS > net ppp+ - ... > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key >
Adrian Mak wrote:> Let me describe my scenario > > My adsl connection provided by ISP allow 4 simultaneous login > (i.e. the adsl modem has four lan ports, which allow 4 PCs connected > to and using pppoe to dialup) > > I use my linux server to dialup four times to get four ip address > i.e. > #adsl-start and get e.g. 1.1.1.2 of ppp0 > #adsl-start and get e.g. 1.1.1.20 of ppp1 > #adsl-start and get e.g. 1.1.1.15 of ppp2 > #adsl-start and get e.g. 1.1.1.30 of ppp3 > > now, the linux server has four ppp connections > > Then I want for example > UserA using 1.1.1.2 to access the Internet > USerB using 1.1.1.15 to access the Internet > UserB using 1.1.1.20 to access the Internet > 1.1.1.30 for others >By "UserA", do you mean some computer behind the firewall? If so, you might be able to do this with Policy routing but it will require some scripting, especially of the IP addresses you get via PPPOE are dynamic. At any rate, this has almost nothing to do with Shorewall; about all you would need to do in Shorewall would be to use the tcrules file to uniquely mark those packets that came from UserA, UserB and UserC so that you could send them to separate routing tables. The LARTC Howto would be your best place to start (look in the Shorewall "Useful Links" page); the Shorewall Squid documentation also has some examples of using tcrules to mark traffic for routing. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key