O.k.,
If 64.240.90.225 is the address of your router then:
0. flush all ipchains lists to make sure it isn't bothering you
1. kill all routes (route del...)
2. give your linuxmachine 2 adresses within the range 64.240.90.226 -
64.240.90.238
3. activate proxy-arp on the linux machine on both interfaces. probably:
echo 1 >/proc/sys/net/ipv4/conf/eth0/proxy_arp and
echo 1 >/proc/sys/net/ipv4/conf/eth0/proxy_arp)
4. add the following routes:
route add -net 64.240.90.224 netmask 255.255.255.240 gw
<ip-eth0>
route add -net 64.240.90.224 netmask 255.255.255.240 gw
<ip-eth1>
route add -net 0.0.0.0 netmask 0.0.0.0 gw 64.240.90.225
5. Test!
All written without looking at them manuals, so there might be a typo.
Serge.
-----Original Message-----
From: Vinay Kudithipudi [mailto:[EMAIL PROTECTED]]
Sent: donderdag 3 augustus 2000 20:31
To: [EMAIL PROTECTED]
Cc: Serge Maandag
Subject: Re[2]: Network Routing Configuration
Hello Serge,
Thanks for the feedback.... I think u got me a bit wrong here or
I didn't make my point clear. I am planning to use this machine as a
firewall. I figured that I had to use public ip addresses for both the
cards since, I have some machines on my lan which use public ip
addresses. We have a T1 router through which we have internet access.
I want to connect this pc right after the router and the rest of the
lan is connected to this pc. As I said, I am farily new to Linux
and I would like to install a firewall for my lan. Please give me ur
suggestions. Thank u.
Thursday, August 03, 2000, 7:25:22 AM, you wrote:
SM> ?? this isn't what you want alright :)
SM> If your lan is connected to eth1:
SM> First of all: a router can only route between two different subnets
and
SM> the IP ranges you gave to the router (64.240.90.230 and
64.240.90.231)
SM> are in the same subnet. That can only if you make it proxy-arp
SM> Secondly: you told your router that 64.240.90.224/28 is connected to
SM> eth0 and eth1, there can be only one, neo! remove the entry for
eth1.
SM> Thirdly: you have 2 default-routes, one to eth0 and one to eth1.
Both
SM> are pointing at 64.240.90.225, which resides in the lan-subnet.
SM> I think you need to study ip-address assigning and subnetting a bit.
If
SM> even then you can't figure it out, add more info, what is the isp's
SM> gateway address, what addresses do you want where..
SM> Serge.
SM> -----Original Message-----
SM> From: Vinay Kudithipudi [mailto:[EMAIL PROTECTED]]
SM> Sent: donderdag 3 augustus 2000 17:01
SM> To: [EMAIL PROTECTED]
SM> Subject: Network Routing Configuration
SM> Hello Guys,
SM> Thanks for the great feed back on firewalls. I have a question
SM> about routing tables. I have two network cards in the comp that I am
SM> planning to use as an firewall. Both of them have pulic ip
addresses.
SM> One card is going to be connected to the router and another to the
SM> lan. How should I write the routing table so that all the traffic is
SM> passed on from the card attached to the lan. My routing table at
SM> present is
SM> Kernel IP routing table
SM> Destination Gateway Genmask Flags Metric Ref
Use
SM> Iface
SM> 64.240.90.231 * 255.255.255.255 UH 0 0
0
SM> eth1
SM> 64.240.90.230 * 255.255.255.255 UH 0 0
0
SM> eth0
SM> 64.240.90.224 * 255.255.255.240 U 0 0
0
SM> eth0
SM> 64.240.90.224 * 255.255.255.240 U 0 0
0
SM> eth1
SM> 127.0.0.0 * 255.0.0.0 U 0 0
0
SM> lo
SM> default 64.240.90.225 0.0.0.0 UG 0 0
0
SM> eth1
SM> default 64.240.90.225 0.0.0.0 UG 0 0
0
SM> eth0
--
Best regards,
Vinay mailto:[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
