I’m paying for a second IP with my Comcast account. Now, from their point-of-view I should have my two Windows machines hooked up through a straight hub into the back of the cable modem. From my point of view they are out of their mind, plus I can’t set up an internal fileserver to share between my two machines… a file server I explicitly do not want to share with the world. And a test machine or two, or eight, none with ‘world’ access.
I want my personal machine and that of my fiancé to be presented to Comcast through different interfaces. I have a physical eth2 if I find I can’t alias eth0 to be the 2nd interface as well because of MAC identity, though I plan to attempt it after I have eth2 working as I expect. Comcast will observe her traffic and mine just as they would expect through the different interfaces, so they can’t complain about me NAT’ing in violation of their AUP. Any outbound not explicitly from those two machines will be in the REJECT chain. So much for my goal… but I do not grasp how to get there. 1) What is the best way to have our XP machines identify themselves to the firewall? 2) How do I tell Shorewall to keep things straight? I plan to have the firewall cache DHCP and do Squid filtering of the web. Blacklisting should apply to both. If I had a wish, Squid would pick which outbound interface based upon which machine made the request. Same for DHCP. Alas, one can’t have everything, but insight as to how to think of an approach would be most welcome. Thank you for your assistance. --Romaq ------------------------------------ William (Andy) Smith [EMAIL PROTECTED] ------------------------------------ ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html