My /etc/network/interfaces file reads: # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet dhcp
add something like this to /etc/network/interfaces after the last line there (and maybe drop the hotplug from eth0)
# The dmz zone network interface on eth1
iface eth1 inet static
address 192.168.0.111 ---- or whatever your address will be
netmask 255.255.255.0
gateway 192.168.0.1
# The local zone network interface on eth2
iface eth2 inet static
address 192.168.2.1 ---- supposing this would be your internal gw
netmask 255.255.255.0
Then you will have to make sure your routes and nat are correct. Now I don't know if you need gateway address set for interfaces that are on the inside or not.
Also, if your new to networking config, try Webmin. It will make things easier. (ok thats 2 plugs, no more)
-sp
john wrote:
-----Original Message----- From: Paolo <oopla@users.sf.net> To: debian-firewall@lists.debian.org <debian-firewall@lists.debian.org> Subject: Re: Using shorewall Date: Thu, 12 Feb 2009 21:47:17 +0100 Mailer: Mutt/1.3.28i On Thu, Feb 12, 2009 at 03:05:14PM -0500, john wrote: ...I have set up shorewall with eth0 going to my existing d-link router. eth1 and eth2 are planned for a dmz and a loc. I have used the setup andwhat's your final /etc/network/interfaces ? what do ifconfig(8) or ip(8) report?lines from /var/log/shorewall-init.log): Setting up masquerading/SNAT.... ERROR: Unable to determine routes through interface "eth1"perhaps some more log line would help ? ...
No comments:
Post a Comment