Re: [Shorewall-users] firewall bridge on eth1 eth0 with same subnet

Fri, 29 Aug 2008 07:32:08 -0700 


Simon Hobson ha scritto:

WHAT I WANT
---------------
i would like my NET_B to have the same subnet of NET_A but they should
be "separated" by shorewall.
for example a pc in NET_A should have 192.168.1.10 ip, and a pc in NET_B
should have 192.168.1.10, but they should not see each other and they
should not conflict

wifi router (192.168.1.1)
  |-> eth1 (192.168.1.99) - shorewall - eth0 (192.168.1.1 OR other) <->
NET_B (192.168.1.0/24)
  |-> NET_A (192.168.1.0/24)

all traffic from NET_A to NET_B DROPPED
all traffic from NET_B to NET_A DROPPED

eth0 should be 192.168.1.1 if possible, or should be
192.168.1.anyothernumber, the important think is that NET_B.

i've try with proxyarp and nat to make thinks works like this but i'm
not able to do this.
can anyone help me?


Not really, what you are asking for is not a valid IP setup.


You could have the two networks using the same IP subnet if you run 
your shorewall as a bridge, but you would still not be able to have 
the same IP in use on both networks. Think about it, the firewall has 
a packet addressed to 192.168.1.10 - does it send it to the device 
with that address in NET_A, or the different device with the same 
address in NET_B ?



Perhaps if you explained what your problem is/what you are trying to 
achieve then we might be able to suggest alternative ways of doing it.



i have to create two separated network (NET_A and NET_B), using the same 
router.
pc on NET_A can not comunicate pc on NET_B, NET_B can not comunicate 
with pc on NET_A.

NET_A and NET_B should have the same subnet


my aim is not no "bridge", but to make two network, with the same subnet.
eth0 should act as the wifi router (192.168.1.1) of the NET_A
shorewall should act as a gateway.




-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users






















					Reply via email to