[Shorewall-newbies] Setup help

Dean Takemori deant at hawaii.rr.com
Sun Dec 7 22:23:42 PST 2003


Hello,

I'm trying to set up shorewall 1.4.8 on an (rpm based) linux 2.4 (ie 
iptables)
system.  The box I'm trying to set up has a static IP and has both a
local network (10.100.200.x) and internet access through a 
router/gateway
(10.100.200.128) via the same NIC.

I basically want to block off access to that box except for certain
ports (80, 22, 20/2, ping/traceroute and a few others) from the local 
net
and DOS (rate, ping-of-death etc) protection + allow https (443, 
w/connection
logging and rate clamping) from the internet.

I've tried using the sample two-interface setup as a starting point, but
I get

    Error: Unable to determine the routes through interface eth1

when shorewall startup gets to "Masquraded Subnets and Hosts:"

I'm guessing that the two-interface setup is meant for a system with
two NICs, but I'm at a loss how to configure the above starting from
the one-interface sample.

-dean takemori



More information about the Shorewall-newbies mailing list