similar to: Adding another interface to manage the bridge

Displaying 20 results from an estimated 40000 matches similar to: "Adding another interface to manage the bridge"

2004 Dec 02
11
another network to add
Hi Tom (and others) encase you don''t know my network already ;) here''s a quick run down eth0 lan 192.168.1.1/255.255.255.0 eth1 wan1 172.30.7.4/255.255.240.0 eth2 wan2 202.37.230.93/255.255.255.192 eth3 wan3 203.96.213.73/255.255.254.0 I''ve got routes and rules for all the above interfaces :) I want to add another one, however I fear this might cause some issues I have
2004 Aug 19
9
bridging and internet
(I''m not a member of the list at the moment so please answer this e-mail CC to my personal address. Thank you all) I am part of a community network in Buenos Aires and I''m now trying to set up a bridge between my local net and the community net. The problem is that appart from the bridge between these I need to share an internet connection and the cable modem assigns me a
2002 Oct 16
2
VPN bridge to LAN, through Firewall
Hi, thanks for a great piece of software! ...at the moment I have a commercial VPN box, which also acts as our firewall. I wish to replace this firewall functionality with a decicated Shorewall firewall, and use the VPN box only for VPN traffic. At the moment, this VPN/Firewall box is at an internet visible address, x.x.x.85 I wish to make the new Shorewall fireall x.x.x.85 and move the VPN to
2004 Oct 04
5
Bridge and routing question - complete email.
Here is the report and the complete diagram. And sorry for email problem and incomplete email ! I have made new test. Eth0 and eth2 are bridged. I can ping NET from LAN I can ping every firewall''s interface from LAN I can ping eth1 from private LAN I can ping everything from firewall Bridging is activated in shorewall.conf >From LAN i can ping 192.168.11.253 but not 192.168.11.254
2005 Apr 04
15
Two Interface Setup + router problems II
Hey all, A while ago today I posted about not being able to get my two interface setup working with a router (di 652 wireless/wired). I recieved help from Tom and got everything in the router turned off and set it up as a switch rather then a rouiter, this still never corrected my problems. Use tcpdump I see there is alot of traffic, but as soon as I dhcpcd eth1 (local) I loose all outside access
2005 Apr 02
11
bluetooth nap and internet access problem
Hello, I''m trying to configure my desktop as a bluetooth network access point for my ipaq (as explained in http://www.stolk.org/debian/bluetooth.html). I''m running shorewall version 2.2.1 on debian testing with a local network via eth0 and internet access via eth1. I''ve created a bridge br0 for eth0 and bnep0 and activated bridging in shorewall. dhcpd is listening
2004 Sep 11
5
Bridge Interface without an IP Address?
We are using Shorewall 2.0.8 with SuSE 9.1 and have built a bridging firewall primarily to defend against syn flood and smurf DoS attacks. We are a small ISP using Cisco routers for a total of 5-6 subnets. Since bridges are based on use of MAC addresses, if we could use one bridging firewall system instead of 5-6 ... is this possible? practical? (Other than introducing a single point of failure
2003 Nov 21
7
FORWARD:REJECT
I have a 3 nic setup with shorewall 1.4.8-1 running on redhat 9. My eth2 (dmz zone)has 7 secondary address attached to it. I can ping a machine in each subnet, dmz to net rules seem to be working fine on all machines.. I have my policy set as dmz to dmz accept. If I try to ping between subnets I get Nov 21 12:18:45 kbeewall kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2 SRC=172.17.0.2
2005 Feb 04
12
SW 2.2.0: 4 interface system, log reports impossible "IN=" and DROPS
This one is really throwing me. Thanks in advance for any advice. I''m working on a 4 port firewall system. It is running heartbeat+drbd. Primary box looks like this: eth0 -> net/cicso router 192.168.144.2/29 eth1 -> drbd/heartbeat crossover cable 192.168.254.253/30 eth2 -> dmz 192.168.144.10/24 eth3 -> loc 192.168.101.2/24 The IP''s
2008 May 30
3
shorewall vrf support
Hey guys, I have a question regarding shorewall and vrf functionality. I have shorewall 3.4.8 and kernel 2.6.24-gentoo-r8 I have tried to use iproute2 (ip route and ip rule) to establish multiple routing tables. The biggest problem seems to be, that I cannot add interfaces such as vlan interfaces to the routing table. My target is that linux takes attention of on which vlan interface
2005 Sep 29
20
maclist problem on a firewall/bridge/router system with masquerading
Hy, sorry for my poor english i think i''m having a very unusual problem and very dificult to track, but i''ll try to explain it as best as i can. here is my scenario: a firewall/bridge composed of 3 ethernet devices and 1 virtual one. my bridge (br0 ) is composed of eth0, eth1 and tap0 br0:eth0 is my connection to my router (200.244.92.1) br0:eth1 is my connection to my
2003 Aug 06
10
wormHunter.sh and friends
Evening all, First: Obligatory thanks to Tom. Shorewall is GREAT! I''ve got it on 3 machines now and love it. (Just because they are obligatory does not mean they are not heart-felt.) On my main web server, I am constantly scanning my log files for worm-signs. Requests for default.ida, any .exe, there are several others, you probably have your favorite. I got tired of doing it by hand
2005 Feb 08
4
Bridge Nat question
Hi, I have a bridge firewall already working with 2 eth. I need to set up a another eth to do NAT like http://www.shorewall.net/images/bridge2.png The question is (using the same notation as the image), I need to put a 192.168.0.2.X in the eth1 and act as the bridged part (not use Nat). It is possible ? Thanks in advance. PS : I''m not subscribe to the list. Please reply to my
2005 Nov 21
2
shorewall status
Hi I wonder if you can help... I have setup shorewall(2.2.3) under debian on a machine that has 4 network ports... the idea is that there is 1 WAN port, 1 DMZ port, and 2 LAN ports, 1 LAN port has static NAT setup for selected incoming connection from trusted sources, and the second LAN port I am trying to setup using masq NAT as it only requires outgoing connections, no incoming. the static NAT
2008 Feb 25
7
kernel: martian
Hi, I have a setup problem with Shorewall 4.0.6, which I can''t figure out why it is not working: I want to install a fireall with 2 extra interfaces : - My serv ("dmz") zone is a /28 subnet behind eth1, with a small number of SUN servers (IPs between ABC.DEF.75.1 and .13), one of which is a DHCP server for the 75 subnet. - The loc zone are PCs in the 75 subnet behind eth2
2005 Feb 05
4
Wireless connectivity issues
Hello, I cannot establish Xserver connection via wireless subnet, while telnet is working fine. There was a similar problem before in Shorewall over IPSEC that Tom had fixed. Also, ping is working, but traceroute is not. Finally, PuTTY gets a connectivity error after couple minutes of inactivity over wireless when connected to the firewall/gateway. Wireless is configured per instructions in
2008 Jan 08
8
Shorewall and LVS-NAT (via fwmark) nat'd machines can't access the outside world directly
Hi guys, I''m not sure where to post for help on this one, shorewall or lvs, I''ll start with shorewall (only cause Tom is a gun at this stuff, and is polite enough to tell me to bugger off to the LVS list if I''m posting in the wrong one ;) I have a single box that is my router/firewall/LVS. Internet -- eth0 - router/firewall - eth1 --- internal lan | eth2
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all, Name is Andrew and in desperate need of some info. Setup: - Mandrake 9.1 with three interfaces (eth0 --> WAN) C-class /28 network (with tree virtual addresses which I am DNAT-ing to the DMZ) (eth1 --> LAN) A-class 10.0.0.0/8 (eth2 --> DMZ) A-class subnet 10.1.123.0/24 - Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk Dilemma: - LAN can not access the DMZ zone
2004 Dec 07
2
[Fwd: router and transparent bridge in same box attempth 2 :)]
-- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2005 May 17
1
Adaptation - Architecture Question
I have been studying Tom''s configuration at: http://www.shorewall.net/myfiles.htm -and- http://www.shorewall.net/NAT.htm I am using SBC as an ISP and also have 5 "real" IP addresses and because of other issues, have to re-do my set-up. If I have a block at .120/29 assigned to me, what SBC does is give you 5 usable addresses, in my case .121 is the SBC modem/router and