I have a server that I want to handle internal traffic differently than external traffic. The server is on the subnet 192.168.32.64/26 Internal addressing is 192.168.0.0/16 and 201.65.32.192/26 (I cooked this address up for discussion). I ''only'' have one problem: how to define the rest of the world... In /etc/shorewall/interfaces I would have: - eth0 detect dhcp, routeback # server provides dhcpd for its subnet In /etc/shorewall/hosts I would have: Int1 eth0 192.168.32.64/26 Int2 eth0 192.168.0.0/16 Int3 eth0 201.65.32.192/26 Pub eth0 0.0.0.0/0 In /etc/shorewall/zones I would have: Int1 IPv4 Int2 IPv4 Int:Int1,Int2,Int3 IPv4 Pub IPv4 I am just not sure about how I have Int2 and Pub defined. As I understand it, the order in zones is important in processing all this... This seems like it should be common... ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
Robert Moskowitz wrote:> I have a server that I want to handle internal traffic differently than > external traffic. > > The server is on the subnet 192.168.32.64/26 > > Internal addressing is 192.168.0.0/16 and 201.65.32.192/26 (I cooked > this address up for discussion). > > I ''only'' have one problem: how to define the rest of the world... > > In /etc/shorewall/interfaces I would have: > > - eth0 detect dhcp, routeback # server provides dhcpd for its subnet > > > In /etc/shorewall/hosts I would have: > > Int1 eth0 192.168.32.64/26 > Int2 eth0 192.168.0.0/16 > Int3 eth0 201.65.32.192/26 > Pub eth0 0.0.0.0/0 > > In /etc/shorewall/zones I would have: > > Int1 IPv4 > Int2 IPv4 > Int:Int1,Int2,Int3 IPv4 > Pub IPv4 > > > I am just not sure about how I have Int2 and Pub defined. As I > understand it, the order in zones is important in processing all this... > > This seems like it should be common...man shorewall-nesting -Tom ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com