On 21 Jul 2002, Stephen Lee wrote: > On Sun, 2002-07-21 at 15:51, Tom Eastep wrote: > > > > > > > That's FAQ #1 -- http://www.shorewall.net/FAQ.htm#faq1 > > My interpretation is that FAQ #1 addresses the needs of portforwarding > to the private subnet (eth1) but it does not address access from the > private net to the DMZ.
Sorry -- I've been away for the weekend and was too hasty in reading your post. > FAQ #2 does answer the question and I discovered > this as outlined in a subsequent message. In Dachstein, the > documentation (network.txt) is more explicit about defining a "Private > DMZ" which is masquerading plus some extra rules to allow for access to > the DMZ from the private subnet. IMHO, this bit of glue logic doesn't > seem to be obvious in the Shorewall (1.2) docs but is found in the FAQ. > I would like to suggest including a brief description of the private DMZ > segment example in the section on masquerading (or DMZ or snat) which > references the need for Bind views or a split horizon Tinydns setup > (perhaps links to FAQ #2?). On the whole though, the documentation is > excellent and I certainly appreciate the amount sweat required to > produce it. > Thanks for the suggestion -- my current focus is to improve the documentation and I welcome your input. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
