P Hennessy wrote: >Shorewall 4.0.8 >3 Interface > >eth0: 192.168.1.1 255.255.255.0 #connected to Modem >eth1: 10.10.1.3 255.0.0.0 #loc >eth2: 10.10.2.3 255.255.254.0 #DMZ > >In the POLICY File, all is set to REJECT > >INTERFACES: >net ppp0 detect >routefilter,norfc1918,tcpflags,blacklist >modem eth0 detect >loc eth1 10.10.1.255 tcpflags,dhcp >dmz eth2 10.10.2.255 tcpflags,dhcp
>Am I missing something in the above setup Yes, your IP config is invalid. 10.10.2.0/23 is a subset of 10.0.0.0/8 - therefore eth1 and eth2 have overlapping IP addresses. Your broadcast addresses are also wrong in the interfaces file: 10.0.0.0/8 has a broadcast of 10.255.255.255 10.10.2.0/23 has a broadcast of 10.10.3.255 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
