Charles, Thanks for the confirmation. We pretty much came to this understanding as we went. With Ray's help I now have the subnet functioning well enough for my private network tasks. I can telnet and FTP to the server on the DMZ. Would it be possible for you to assist me with the DMZ? I have stumbled through the network.conf file and turned on all the settings I thought would relate but it still doesn't work. Here is what I need the DMZ to offer. I want to have FTP access. I want to have web browsing from the DMZ. I want to port forward all ports between 27000 and 3000 to the DMZ server. There will most likely never be more than one machine on the DMZ.
Thank you, Kory Krofft Charles Steinkuehler wrote: > A bit of background... > > The default dachstein firewall scripts will NOT route traffic between > interfaces unless EXPLICITLY told to do so. If you simply add a third (or > fourth, or fifth...) interface, it will come up, and the router will be able > to ping devices on the new network, but NO TRAFFIC will be forwarded between > this new interface and other interfaces without properly setting up the > firewall rules (ie making the new interface a DMZ or additional internal > net) or creating some custom firewall rules in one of the /etc/ipchains.* > files. > > NOTE: If you add your new interface to the list of internal networks, > systems on the new network will be able to see the internet, but systems on > different internal networks will NOT be able to communicate with each other, > unless you add explicit rules to /etc/ipchains.forward to allow this. > > It sounds like you're to the point where everything is setup except systems > on your new DMZ interface cannot talk to the internet or to systems on your > internal net. If you properly configure the DMZ settings (probably for a > port-forwarded DMZ), everything should begin to work. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
