Marco, If all your routes points to the same interface (eth1), why not use just a default router? If there are more routes, please do not consider my advice.
Anyway, for any of us to help, please include more information about the topology of the networks nad what you want to achieve cause your description is just too generic. Flavio Marco Salimu <[email protected]> wrote on 28 Jul 2010, 11:23 AM: Subject: [Shorewall-users] REF: Intranet-Local to DMZ and Internet Services >Hi everybody. I have network setup where by I have RED-Internet, >GREEN-Local, ORANGE- DMZ but also i have branches which getting internet >services and other services at my GREEN-LOCAL and getting web server,email >server from DMZ. So i have sort of Intranet. > >my clients from branches and local are getting internet using proxy server >at firewall box? > > >apart from Shorewall configuration: there is a sctript used to run at >start to enable branch network and being routed to DMZ and Internet. If i >remove that script not branch clients being able to get DMZ rather >internet services. > >See the routing script: > >######################################### >#!/bin/sh ># ># This script will be executed *after* all the other init scripts. ># You can put your own initialization stuff in here if you don't ># want to do the full Sys V style init stuff. > >touch /var/lock/subsys/local > > route add -host 255.255.255.255 dev eth1 > route add -net 10.20.33.0 netmask 255.255.255.0 dev eth1 > route add -net 10.6.8.0 netmask 255.255.255.0 dev eth1 > route add -net 10.7.7.0 netmask 255.255.255.0 dev eth1 > route add -net 10.24.6.0 netmask 255.255.255.0 dev eth1 > route add -net 10.20.12.0 netmask 255.255.255.0 dev eth1 > route add -net 10.9.96.0 netmask 255.255.255.0 dev eth1 > route add -net 10.35.13.0 netmask 255.255.255.0 dev eth1 > > shorewall restart >############################################# > >Thanks in advance guys for helping me >-- >with rgds > >Marco Salimu >IT Manager >[ P.o. Box 1546] >Mob: +255 784 370294 | +255 715 370294 >Tel: +255 27 8218 | Fax: +255 27 8273 >Email: >******************************* >[email protected] | [email protected] >[email protected] | [email protected] >[email protected] >******************************** > >-- >with rgds > >Marco Salimu >IT Manager >[ P.o. Box 1546] >Mob: +255 784 370294 | +255 715 370294 >Tel: +255 27 8218 | Fax: +255 27 8273 >Email: >******************************* >[email protected] | [email protected] >[email protected] | [email protected] >[email protected] >******************************** > > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. > > >------------------------------------------------------------------------------ > >The Palm PDK Hot Apps Program offers developers who use the >Plug-In Development Kit to bring their C/C++ apps to Palm for a share >of $1 Million in cash or HP Products. Visit us here for more details: >http://p.sf.net/sfu/dev2dev-palm >_______________________________________________ >Shorewall-users mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/shorewall-users > ----------------------------------------------------------------------------------------------------------------------- Send big files for free. Simple steps. No registration. Visit now http://www.nawelny.com ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
