[Shorewall-newbies] Trying to get shorewall to work inbound.
Perhaps arp/routing issues.
teastep at shorewall.net
Wed Feb 11 16:55:01 PST 2004
On Wednesday 11 February 2004 04:46 pm, Zot O'Connor wrote:
> I have a dsl line with 13 addresses.
> They are all in a row, but not in a subnettable block.
> On my floppyfw firewall, I have ine IP for the outside (REAL_OUT_IP) and
> one for the inside (REAL_INSIDE_IP). Then it arps the IPs, then routes
> each IP to /32 on the inside nic for each IP to the inside addresses.
> I then use ipchains to do the filtering.
> I also have a fake IP range that is on the same LAN that I nat out
> bound. I have the .1 as a alias to the inside nic.
> All of this is pretty much done by hand in the firewall.ini.
> So the current router looks like this:
> REAL_OUT_IP MASQ/NAT to REAL_OUT_IP
> REAL_INSIDE_IP FAKE_INSIDE_IP
> LAN Machines (REAL_IPs) LAN Machines (FAKE_IP)
That is exactly the setup described in
http://www.shorewall.net/shorewall_setup_guide.html -- have you read that
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies