Hi guys,

I've played with this over the last couple of weeks and have had no luck in setting it up. So I'll turn to the masses again ;)

I have a netcomm NB1300 which (with the latest software update) supports SNMP now. I wish to be able to access the config page (as in http config page) and the SNMP protocol from my internal lan.

I followed the online users guide for setting up an ADSL connection. (http://leaf.sourceforge.net/doc/guide/bupppoe.html)

I'm running Bering

    # uname -a
    Linux talon 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i686 unknown

And made the following changes to try and access the config/snmp from my internal network. My DSL modem has 192.168.0.1 as its IP address.

/etc/network/interfaces

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 192.168.0.2
        masklen 24
        broadcast 192.168.0.255
        up pon dsl-provider eth0
        up shorewall restart

    auto eth1
    iface eth1 inet static
        address 10.0.10.1
        masklen 24
        broadcast 10.0.10.255

    # ip addr show
    1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
        link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ether 00:d0:b7:90:83:21 brd ff:ff:ff:ff:ff:ff
        inet 192.168.0.2/24 brd 192.168.0.255 scope global eth0
    4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
        link/ether 00:90:27:58:e2:dd brd ff:ff:ff:ff:ff:ff
        inet 10.0.10.1/24 brd 10.0.10.255 scope global eth1
    5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
        link/ppp
        inet 220.240.2.218 peer 203.194.30.234/32 scope global ppp0

    # ip route show
    203.194.30.234 dev ppp0  proto kernel  scope link  src 220.240.2.218
    192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.2
    10.0.10.0/24 dev eth1  proto kernel  scope link  src 10.0.10.1
    239.0.0.0/8 dev eth1  scope link
    default via 203.194.30.234 dev ppp0

For my shorewall configuration I have added the following.

/etc/shorewall/zones

    #ZONE   DISPLAY   COMMENTS
    adsl    adsl      ADSL Modem
    net     Net       Internet
    upnp    UPNP      UPNP Network
    loc     Local     Local Networks

/etc/shorewall/interfaces

    #ZONE   INTERFACE   BROADCAST   OPTIONS
    net     ppp0        -           routefilter
    loc     eth1        detect      routestopped
    adsl    eth0        detect

/etc/shorewall/policy

    #SOURCE   DEST   POLICY   LOG LEVEL   LIMIT:BURST
    loc       net    ACCEPT
    fw        adsl   ACCEPT
    fw        upnp   ACCEPT
    net       all    DROP     ULOG
    all       all    REJECT   ULOG

/etc/shorewall/rfc1918

    #SUBNET           TARGET
    192.168.0.1       RETURN
    192.168.0.2       RETURN
    255.255.255.255   RETURN    # We need to allow limited broadcast
    169.254.0.0/16    DROP      # DHCP autoconfig
    172.16.0.0/12     logdrop   # RFC 1918
    192.0.2.0/24      logdrop   # Example addresses
    192.168.0.0/16    logdrop   # RFC 1918

To allow my internal machine to see the modem I have tried the following rules but that doesn't seem to work?

    ACCEPT   loc   adsl   icmp   8
    ACCEPT   loc   adsl   tcp    80
    ACCEPT   loc   adsl   udp    snmp

I am able to ping my dsl modem from the firewall but not from my internal lan?

Any ideas/help would be greatly appreciated.

Thanks all.
