No subject
Thu Dec 20 21:04:13 MST 2007
bypass the firewall. You also don't see the browser resetting the replies
because those bypass the firewall too. These seem to indicate that IP
forwarding is enabled, but maybe it isn't and they don't actually leave the box.
If you have to keep the arrangement below, adding the SNAT line I suggested in
my last post should allow things to work. But note that it will not be a test
of your configuration once you hook the firewall (eth1) into the Internet.
That's because below you have everything on the same subnet, and the Internet
will not be on your subnet. In that case, the new SNAT line will break things.
Well, hope that helps some. This stuff gets to be a little tricky. If you
still have questions, maybe you can make installfest - we can talk even if you
don't bring in your setup. If you can't make it, mail me off list and we can
arrange something else.
Dave
> ------------------
> | |
> | |
> | |
> | Win98 client |
> | |
> ------------------
> |
> eth0 (192.168.0.101)
> Internet here |
> (eventually) |
> | |
> | |
> | |
> | |
> eth1 (192.168.0.4)--------| |
> | | |
> ------------------ | ------------------
> | | -------| |
> | Linux | | |
> | | | Hub |
> | firewall | | |
> | | -------| |
> ------------------ | ------------------
> | | |
> eth0 (192.168.0.111)------| |
> |
> |
> |
> |
> |
> eth0 (192.168.0.200)
> |
> ------------------
> | |
> | Linux |
> | http/smtp |
> | server |
> | |
> ------------------
>
More information about the clue-tech
mailing list