Hi guys, My shorewall appliance has 3 eth interfaces. I have one as the main net i/f, and another is the dmz. The third I''m not currently using. I currently have 2 subnets assigned to me, and I''m wondering how is it possible to have shorewall make use of both subnets? The 2 subnets I have are: aa.bb.cc.80/28 aa.bb.cc.224/28 At this moment shorewall is handling the .80/28 subnet, and I would like to be able to use IPs from the .224/28 subnet. Thanks Ricardo ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
Ricardo Kleemann wrote:> Hi guys, > > My shorewall appliance has 3 eth interfaces. I have one as the main net i/f, > and another is the dmz. The third I''m not currently using. > > I currently have 2 subnets assigned to me, and I''m wondering how is it > possible to have shorewall make use of both subnets?Oh yes! Have a look in <http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html> know-how and instructions. Good luck! /Martin ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
Thanks. The examples show how to setup 2 local subnets. In my case, I have to external subnets, and only 1 local (or dmz) subnet. All the examples I see so far are for routing to multiple subnets behind the firewall, but my situation is the reverse. How would I handle that? Ricardo ----- Original Message ----- From: "Martin Leben" <ml060223@leben.nu> To: <shorewall-users@lists.sourceforge.net> Sent: Friday, October 03, 2008 2:42 PM Subject: Re: [Shorewall-users] net interface and 2 subnets> Ricardo Kleemann wrote: >> Hi guys, >> >> My shorewall appliance has 3 eth interfaces. I have one as the main net >> i/f, >> and another is the dmz. The third I''m not currently using. >> >> I currently have 2 subnets assigned to me, and I''m wondering how is it >> possible to have shorewall make use of both subnets? > > Oh yes! Have a look in > <http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html> know-how > and > instructions. > > Good luck! > > /Martin > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer''s > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
Ricardo Kleemann wrote:> Thanks. > > The examples show how to setup 2 local subnets. In my case, I have to > external subnets, and only 1 local (or dmz) subnet. > > All the examples I see so far are for routing to multiple subnets behind the > firewall, but my situation is the reverse. How would I handle that?Your ISP doesn''t require different gateways for the two subnets I''m hoping. Assuming they don,t, there are no routing issues at all. Simply define the addresses and use them. -Tom -- Tom Eastep \ The ultimate result of shielding men from the effects of Shoreline, \ folly is to fill the world with fools. Washington, USA \ -- Herbert Spencer ------------------------------------------------------------------------ http://www.shorewall.net ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
On Fri, 2008-10-03 at 15:48 -0700, Tom Eastep wrote:> Ricardo Kleemann wrote: > > Thanks. > > > > The examples show how to setup 2 local subnets. In my case, I have to > > external subnets, and only 1 local (or dmz) subnet. > > > > All the examples I see so far are for routing to multiple subnets behind the > > firewall, but my situation is the reverse. How would I handle that? > > Your ISP doesn''t require different gateways for the two subnets I''m > hoping. Assuming they don,t, there are no routing issues at all. Simply > define the addresses and use them. > > -TomHi Tom, Unfortunately, apparently yes. On the subnet aa.bb.cc.80/24, the gateway I use is aa.bb.cc.81. On the subnet aa.bb.cc.224/24, the gateway I use is aa.bb.cc.225 ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
Ricardo Kleemann wrote:> On Fri, 2008-10-03 at 15:48 -0700, Tom Eastep wrote:>> Your ISP doesn''t require different gateways for the two subnets I''m >> hoping. Assuming they don,t, there are no routing issues at all. Simply >> define the addresses and use them. >> >> -Tom > Hi Tom, > > Unfortunately, apparently yes. > > On the subnet aa.bb.cc.80/24, the gateway I use is aa.bb.cc.81. > On the subnet aa.bb.cc.224/24, the gateway I use is aa.bb.cc.225Then see http://www.shorewall.net/MultiISP.html -Tom -- Tom Eastep \ The ultimate result of shielding men from the effects of Shoreline, \ folly is to fill the world with fools. Washington, USA \ -- Herbert Spencer ------------------------------------------------------------------------ http://www.shorewall.net ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/