[Shorewall-newbies] 3 local network interfaces

Juan Jose Lopez Gonzalez jjlopez at cetecom.es
Tue Feb 17 09:00:49 PST 2004


yes, users in local zone connect to 192.168.1.x and firewall must dnat to 10.10.1.x. 

1 web server--> local IP 192.168.1.10 dmz 10.10.1.10
2 web server--> local IP 192.168.1.20 dmz 10.10.1.20
3 web server--> local IP 192.168.1.30 dmz 10.10.1.30

it posible to do that in interfaces file??

##############################################################################
#ZONE   INTERFACE       BROADCAST       OPTIONS
net     eth0            detect          routefilter
loc     eth1            detect
loc     eth2            detect
loc     eth3            detect
loc     eth4            detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

thanks¡¡
-----Mensaje original-----
De: shorewall-newbies-bounces at lists.shorewall.net
[mailto:shorewall-newbies-bounces at lists.shorewall.net]En nombre de Niels
Kristian Jensen
Enviado el: martes, 17 de febrero de 2004 10:02
Para: shorewall-newbies at lists.shorewall.net
Asunto: Re: [Shorewall-newbies] 3 local network interfaces


shorewall-newbies-bounces at lists.shorewall.net wrote:

>   I´m having problems configuring a DMZ subnet. 
>  
> I have 3 public web servers and we want to:

> redirect all local traffic from the local network to the DMZ subnet

  one of you PC's on "loc" interface wants to contact one of the 
webservers on the "dmz" interface?

Which IP does the PC on loc have?
Which IP does the webserver have?

Do you have a rule permitting the loc zone to contact the dmz zone?

Best regards,
Niels Kristian Jensen
Denmark

_______________________________________________
Shorewall-newbies mailing list
Post: Shorewall-newbies at lists.shorewall.net
Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-newbies
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm


More information about the Shorewall-newbies mailing list