[Shorewall-newbies] Routing and MASQ **Solution**

Bill.Light at kp.org Bill.Light at kp.org
Tue Dec 23 16:01:09 PST 2003


Hi Francesca !

Sorry for the llloooonnnnngggg  delay - right after I got this routing 
working - my samba PDC went down - another hard disk crash, so I am also 
using a new samba server, with SuSE 9.0 as well...    I also got to find 
out that just replacing a PDC is a game in and of itself, but that's for 
another discussion.  I also could NOT reproduce what was happening with 
virtual interfaces on my VMWare box...

The key to setting my routing up was buried in the Yast module - that is 
extremely touchy, and DIFFERENT from prior SuSE releases ... In the past 
it was buried in /etc/rc.config

What finally worked in   /etc/sysconfig/network/ifcfg-eth2:

BOOTPROTO='static'
BROADCAST='172.17.18.255'
IPADDR='172.17.18.5'
MTU='1500'
NETMASK='255.255.255.0'
NETWORK='172.17.18.5'
REMOTE_IPADDR='172.17.133.10'
STARTMODE='onboot'
UNIQUE='LQQB.PIXGknW2n7E'
WIRELESS='no'

Comments:

Broadcast (I'm guessing because of the "full" network on the other end) 
had to be the .255 ending.
IPADDR  What it is...
NETMASK   Ending in the  0   (so that other addresses will pass through 
the mask)
NETWORK   Same as the IP address
REMOTE_IPADDR   This is the IP address of the ISDN box  (NOT the router of 
the 172 subnet)



In   /etc/sysconfig/network/routes:

172.17.18.0    172.17.18.10  255.255.255.0   eth2

Comments:

Anything on eth2 intended for the 172 subnet goes through that ISDN box


And in   /etc/shorewall/masq:

eth2            eth1

THEN....the "obvious" solution that I had first tried, and started mucking 
with (that pissed Tom off) now works...


Whew !   Thanks for the moral support !   Happy holidays, ALL !

- Bill

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shorewall.net/pipermail/shorewall-newbies/attachments/20031223/1fb9fff9/attachment.htm


More information about the Shorewall-newbies mailing list