On Sat, Sep 27, 2008 at 12:44 AM, Tom Eastep <[EMAIL PROTECTED]> wrote:
> Alex Whiteside wrote:
> > Hello,
> >
> > Basically, my layout is as follows.
> >
> > I have a ADSL Modem with DHCP assigned, I use my own DNS servers, and
> > currently eth0 is attached to the modem. Then eth1 is attached to my
> > local network.
> >
> > I used the two-interface setup and it worked great, but now I have
> > decided to DMZ my vunerable services such as FTP/HTTP, but I do not have
> > the resources to pay for another server and network card.
> >
> > So what I wish to-do is run this Operating System in a virtual guest
> > using KVM, and then follow the three-interfaces guide as follows.
> >
> > So far i created a bridge for eth0 called br0, and this obtains the dhcp
> > from the ADSL modem, and the eth0 is set to manual.
>
> Why? The most natural thing to do is to create the bridge and make the
> bridge the third interface. The bridge serves to connect the Virtual
> Machine to the Firewall.
Okay, so what you are saying is
eth0 has a auto ip, and br0 is set to manual or auto? When br0 is on auto it
gets the same ip as eth0.
Sorry Im just a bit confused on how to approach this, maybe you can give
some pointers?
>
>
> >
> > Now lets go back to two interface and change eth1 to br0, Lets say dont
> > allow loc access to (net), what happens? The whole server cannot see the
> > internet, because it is bridged through br0.
>
> I don't understand that paragraph.
Basically, for some reason, when i create a bridge br0 based on eth0, my
whole internet connection wants to route through br0 instead of eth0, so
therefore i cannot control this.
>
>
> >
> > The solution??? I don't really know, thats why im mailing here to see if
> > maybe someone can help me out with this.
> >
> > I have read http://www.shorewall.net/KVM.html, but it does not really
> help.
>
> It won't help, so long as you are hung up on bridging one of your
> current interfaces.
>
> -Tom
> --
> Tom Eastep \ The ultimate result of shielding men from the effects of
> Shoreline, \ folly is to fill the world with fools.
> Washington, USA \ -- Herbert Spencer
> ------------------------------------------------------------------------
> http://www.shorewall.net
>
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
