[Shorewall-users] Two-interface setup confirmation

Tom Eastep teastep at shorewall.net
Mon Dec 15 14:16:49 PST 2003


On Tuesday 16 December 2003 12:40 am, Paul Trevethan wrote:
> 
>
> Am I correct in naming the parts as below for Shorewall purposes:
>
> net = modem/internet
> fw = Linux box
> local = Windows machine & laptop.
> and I should start my config with two-interface template?
>
> Guidance appreciated,

I would start with the two-interface sample. You can disable local network 
access to the internet, if that's what you want, by removing the "loc net 
ACCEPT" policy and by removing the entry from the 'masq' file. You will 
probably also want to add the following policies:

fw	loc	ACCEPT
loc	fw	ACCEPT

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list