"Mikkel L. Ellertson" wrote:
> > Linux eth1: 192.168.1.1/24
> > Linux eth2: 192.168.1.2/24
> > WIN1: 192.168.1.3/24
> > WIN2: 192.168.1.4/24
> >
> Do not define networks for eth1, eth2, WIN1 or WIN2. You can define a
> network for 192.168.1.0, but you don't really have to.
If I don't define a network for the WIN-boxes how will they find each other?
> > My routing table would look like this:
> >
> > Destination     Gateway         Genmask         Flags Metric Ref Use Iface
> > 192.168.1.1     0.0.0.0         255.255.255.255 UH    0      0   0   eth1
> > 192.168.1.2     0.0.0.0         255.255.255.255 UH    0      0   0   eth2
> > 192.168.1.3     192.168.1.1     255.255.255.255 UG    0      0   0   eth1
> > 192.168.1.4     192.168.1.2     255.255.255.255 UG    0      0   0   eth2
> > 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1
> > 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0   0   eth2
> > 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0   0   lo
> > 0.0.0.0         inet-gw         0.0.0.0         UG    0      0   0   eth0
> >
> >
> > Would it work?
> >
> Your routes to WIN1 and WIN2 don't need a gateway. If you were setting
> it up manually, you would use "route add 192.168.1.3 eth1" and
> "route add 192.168.1.4 eth2".
Well, I added the gateway just in case, so that traffic would go through the
right interface. But I guess that just adding a route through an interface
would be enough...
> The rules are off the top of my head, so they may require tweaking. You
> will require more rules for a complete firewall!
> Make sure you use crossover cables between the Linux and Windows boxes.
Thanks for the ruleset!
Do I need to specify a rule to DENY everything except the reply packets for
masqueraded traffic? If it is no effort, could you please write me that rule?
Thanks,
Peter
_______________________________________________
Redhat-list mailing list
https://listman.redhat.com/mailman/listinfo/redhat-list
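
An added example, not part of the original message: a longest-prefix lookup over the routing table quoted above, with the gateway dropped from the two WIN host routes as the quoted reply suggests. It shows that the /32 host routes decide the interface for WIN1 and WIN2, while the two identical /24 routes leave every other 192.168.1.x address tied between eth1 and eth2. The names `lookup` and `ambiguous` are hypothetical, and the model covers prefix matching only, not metrics or the kernel's own tie-breaking.

```python
import ipaddress

# Routing table from the message as (destination, genmask, iface).
# Assumption: WIN host routes carry no gateway, per the quoted reply.
ROUTES = [
    ("192.168.1.1", "255.255.255.255", "eth1"),
    ("192.168.1.2", "255.255.255.255", "eth2"),
    ("192.168.1.3", "255.255.255.255", "eth1"),  # WIN1
    ("192.168.1.4", "255.255.255.255", "eth2"),  # WIN2
    ("192.168.1.0", "255.255.255.0", "eth1"),
    ("192.168.1.0", "255.255.255.0", "eth2"),
    ("127.0.0.0", "255.0.0.0", "lo"),
    ("0.0.0.0", "0.0.0.0", "eth0"),              # default route
]


def _as_int(dotted):
    """Dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def lookup(dst, routes=ROUTES):
    """Return (prefix_length, interfaces) for the most specific matching routes."""
    addr = _as_int(dst)
    best_len, ifaces = -1, set()
    for dest, mask, iface in routes:
        mask_int = _as_int(mask)
        if addr & mask_int != _as_int(dest):
            continue                      # route does not cover this address
        plen = bin(mask_int).count("1")   # contiguous netmask -> prefix length
        if plen > best_len:
            best_len, ifaces = plen, {iface}
        elif plen == best_len:
            ifaces.add(iface)             # equally specific route, other iface
    return best_len, sorted(ifaces)


def ambiguous(dst, routes=ROUTES):
    """True when equally specific routes point at more than one interface."""
    return len(lookup(dst, routes)[1]) > 1


if __name__ == "__main__":
    # 192.168.1.50 is a constructed address with no host route of its own.
    for dst in ("192.168.1.3", "192.168.1.4", "192.168.1.50", "127.0.0.1"):
        print(dst, lookup(dst), "AMBIGUOUS" if ambiguous(dst) else "")
```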