> >Make sure you've added all your internal networks to the INTERN_NET variable
> >in /etc/network.conf. If that's not the problem, we'll need more
> >information about your firewall setup, including network.conf settings, and
> >the output of "net ipfilter list"
>
> I tried to find documentation on multiple internal interfaces but failed. I
> just found the network.txt file on
> lrp.steinkuehler.net/files/packages/network.txt. Could anyone please
> clarify the format of
>
> INTERN_IF
> INTERN_NET
> INTERN_IP
>
> for more than one internal interface

OK...a quick browse through the latest Dachstein scripts yields the following:

INTERN_IP:
This is a "historical relic", and is unused by any of the core network/firewall scripts on Dachstein. This variable *may* be used by some add-on packages that source /etc/network.conf to get configuration data, but that's about it. If you set this to the IP of your "main" internal network interface, you should be fine.

INTERN_IF:
Nearly a historical relic. Only used by one procedure when setting up reverse masquerading for a private DMZ.

INTERN_NET:
This is all the current firewall rules really care about. The format is a space-separated list of network specifications in CIDR format. NOTE: A portion of the code to implement a private DMZ does *NOT* support more than one network for INTERN_NET.

So, to add multiple internal networks, simply add all the networks to INTERN_NET. The fact that some of the private DMZ code uses INTERN_IF, and does not support multiple networks in INTERN_NET should be considered a bug...I'll try to get this fixed in the next release. Currently, however, it is not possible to support multiple internal networks and a private DMZ simultaneously.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
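
An added example, not part of the thread or of the Dachstein scripts: a POSIX shell check that an INTERN_NET value is a space-separated list of CIDR networks and that more than one network is not combined with a private DMZ. The function names and the yes/no private-DMZ argument are assumptions made for illustration, and the sample networks are constructed.

```shell
#!/bin/sh
# valid_cidr: succeed only for a.b.c.d/len with octets 0-255 and len 0-32.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}
    len=${1#*/}
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# check_intern_net "<INTERN_NET value>" <private DMZ in use: yes|no>
# (the second argument is a hypothetical flag, not a network.conf variable)
# Prints one line per finding and returns 0 only when the value is usable.
check_intern_net() {
    count=0
    status=0
    set -f                  # no filename expansion while word-splitting
    for net in $1; do
        count=$((count + 1))
        if ! valid_cidr "$net"; then
            echo "invalid CIDR entry: $net"
            status=1
        fi
    done
    set +f
    if [ "$count" -eq 0 ]; then
        echo "INTERN_NET is empty"
        status=1
    fi
    if [ "$count" -gt 1 ] && [ "$2" = yes ]; then
        echo "more than one internal network with a private DMZ is unsupported"
        status=1
    fi
    return "$status"
}

# Constructed sample value, not taken from the thread.
INTERN_NET="192.168.1.0/24 192.168.2.0/24"
check_intern_net "$INTERN_NET" no && echo "INTERN_NET ok"
```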
