[Shorewall-newbies] Can I add more than one ref to 1 interface?

Francesca C Smith fsmith at ladylinux.com
Thu Dec 4 21:57:11 PST 2003


Hello,

I am gonna take these one at a time


At 09:36 PM 12/4/2003, you wrote:
>dsl     ppp0    -       blacklist       (blacklist ad sites like
>ad.doubleclick.net, got better way?)


Yes .. www.privoxy.org .. Using the Blacklist would have tremendous 
overhead ..

>[Q]: What if I want to use a modem?? like a dial-up. I don't usuallu have
>access to dsl


Never tried to use IPTABLES with dialup .. Someone Else gonna have to take 
this one ..

>Since when on a DSL, modem is connected to eth0 I'm thinking of another
>network card to connect to a hub so that local lan (just another pc) can be
>masq'ed)
>
>so can I add to the masq file
>
>Masq file
>wlan0           192.168.0.0/24  (masq connections from local lan )
>ppp0            192.168.0.0/24  (masq connections from local lan through 2nd
>network card eth1)


Sounds like you need a script or a extension to switch environments ..

http://www.shorewall.net/configuration_file_basics.htm#Configs

Will give you a way to switch back and forth configs ..

>Pinging to the net gets no response _at_all_. It's either 'sendto not
>permitted' even when run as root or responses are being dropped by the fw.
>(shorewall logs)


You are trying to ping from to where ..

If its loc ..

you need a rule like so

ACCEPT  loc     net     icmp    8

Hope This helps ..

And Welcome To The List!!

Francesca

"No Problems Only Solutions"
Francesca C. Smith
Lady Linux Internet Services
fsmith at ladylinux.com




More information about the Shorewall-newbies mailing list