> I have specified the additional interface configurations (xxx_IPADDR > etc) and they are brought up happily and are pingable from the attached > networks when the box boots. > > But specifically, how should I set the following vars: > > INTERN_IF > INTERN_NET > INTERN_IP > > to cover two physical interfaces/networks/ip addresses internally? Is > this possible in E2B (one external, one DMZ and two internal) or have I > just blundered? Any suggestions on a path to follow to firewall two > internal networks if this is not an E2B possibility?
INTERN_IF and INTERN_IP really don't matter much...just leave them as they are. To get two internal networks masqueraded on ES2B, just set INTERN_NET to a network specification that covers ALL internal networks, so (for example): if: internal net 1 = 192.168.0.0/24 internal net 2 = 192.168.1.0/24 set: INERN_NET=192.168.0/23 and both networks will be masqueraded to the internet. NOTE: Traffic will NOT be allowed between the two internal networks unless you specifically create forwarding rules allowing it. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
