> > > > Example: > > > > Public subnet assigned by ISP: > > 192.0.2.128/25 > > ISP Router: > > 192.0.2.129/25 > > Firewall: > > eth0 192.0.2.130 (to router) > > eth1 192.168.1.254 (to future local net) > > eth2 192.0.2.131 (to dmz , actually the whole current net) > > > > shorewall interfaces file: > > net eth0 detect proxyarp,norfc1918 > > loc eth0 detect > > dmz eth0 detect proxyarp > > In addition to Charles's comment: > > I assume that you meant those three records for eth0, eth1 and eth2 > respectively and not all for eth0.
You�re right. My fault. It was just a copy n paste mistake. That is what I wanted to write: net eth0 detect proxyarp,norfc1918 loc eth1 detect dmz eth2 detect proxyarp I understand that it is neccessary to tell the kernel where to find which ip addresses. But i thought shrowall would handle this automatically. I also read in the documentation not to use the proxyarp configuration file when setting the proxyarp option in the interfaces file. So I don�t really know where to define special routes. I only have to ask again because I could not believe that a few settings like the ones in my example above are enough to solve all my problems. Can anybody help me ? Thanks. Bj�rn _______________________________________________________________________ ... and the winner is... WEB.DE FreeMail! - Deutschlands beste E-Mail ist zum 39. Mal Testsieger (PC Praxis 03/04) http://f.web.de/?mc=021191 ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id%62&alloc_ida84&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
