As of right now, there is nothing configured in shorewall at all, i am using my old cisco router as I couldnt get things operating under shorewall and couldnt be without the routing of the extra subnet. Right now, I am unsure as to how to begin to implement the zones / interfaces / default policies and firewall rules to suit my configuration. The DMZ is the biggest 'concern' I have, I dont have the ability of running the two servers on a separate interface as they also host internally required services. The windows server is a domain controller. I am not sure though if the DMZ can be implemented in the configuration I have. Unfortunately, I a wont be able to do any huge amount with this until Sunday as I am going interstate (again why the system is running the Cisco unit until i can spend more time in front of it again) My configuration can't be unique, its just escaping me :) My previous firewall (Slackware / IPTables) died, which is why im now looking at a system i can set up and manage myself. Thanks again for your quick responses and advice
________________________________ From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Fri 7/11/2008 10:45 AM To: Shorewall Users Subject: Re: [Shorewall-users] Firewall Configuration Marcus Limosani wrote: > This is the case, the addresses are being routed by the ISP, and no they > arent part of the same subnet > > The subnet allocated is 203.35.162.40/29 > > The firewall has been showing the traffic in the logs, but always shows as > ACCEPT:REJECT Marcus, When analyzing firewall issues, attention to details is critical -- it follows that without details of a) how you configured your firewall (output of 'shorewall dump' collected as described at http://www.shorewall.net/support.htm#Guidelines); b) what tests you tried; and c) what the results were, we can't give you any concrete advise. -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net <http://shorewall.net/> \________________________________________________
<<winmail.dat>>
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
