[Shorewall-users] Internal gateways

Mike Lander landers at lanlinecomputers.com
Wed Oct 1 20:42:42 PDT 2003


----- Original Message ----- 
From: "Tom Eastep" <teastep at shorewall.net>
To: "Shorewall Users Mailing List" <shorewall-users at lists.shorewall.net>
Sent: Wednesday, October 01, 2003 7:31 PM
Subject: Re: [Shorewall-users] Internal gateways


> On Wed, 1 Oct 2003, Mike Lander wrote:
>
> >
> > How many workstations are there? Is it not practical to add persistent
> > routes at each workstation to the Toyota network through 10.5.198.238?
> > Or is your idea to be lazy and just add these routes once (on the
> > firewall) and let it be involved in outgoing Toyota traffic (but not
> > incoming Toyota traffic)?
> >
> > If the latter:  No
> >
> >
> > Thanks Tom,
> >     I think I will try the workstation routes, I did not realize that
> > is was being lazy, I thought it to be more practical for shorewall to
> > handle?
> > I have elected to take your advice on first option:
> >     Would this be the command to enter at the workstations?
> > Being the guru boolean mathematician you are?
> > route -p add 10.5.198.29 mask 255.255.255.0 10.5.198.238
> >
>
> Since all hosts on the LAN are presumably on 10.5.198.0/24, that route
> command isn't right. There must be other networks behind 10.5.198.238 that
> the clients need to access through that host.
>
> -Tom

Would this be bettter?
 route -p add 10.0.0.0 mask 255.0.0.0 10.5.198.238


Thanks,

Mike



More information about the Shorewall-users mailing list