Hmm, I am not even able to add a rule to the firewall to forward data from 192.168.0.128/25 to EXTIF
:-( This seems to be more complex that I thought. After adding the route to the astlinux box, teh subnet is freely reachable within the LAN, but it cannot access the internet. Is there somewhere a good tutorial to arno's firewall? Thanks Michael Michael wrote: > Hi Tom > > Thanks for the answer. > > Using elocal was what I had in mind. However, the firewall rules also need > to be adapted. > > The case on doc.astlinux.org refers to the astlinux net being a subnet. In > my case the astlinux is the main net with an activated firewall to the > internet. > > If I understand the firewall config correct it only fowards data between > the EXTIF and the INFIF for the nets that are defined on the network tab. > This means in my case 192.168.0.0/25 (netmask 255.255.255.128). > > The subnet of mny LAN has 192.168.0.128/25 (netmask 255.255.255.128). > > The route command allows astlinux to route the packages for the subnet > correctly. But the firewall will only allow 192.168.0.0/25 to traverse to > the internet. > > It might be possible to add custom rules into arnos firewall. But there > might also be a simpler way, I hope... > > Michael > > Tom Chadwin wrote: > >> Hi Michael >> >> See if the instructions on the following page suit your requirements: >> >> http://doc.astlinux.org/userdoc:tt_network_config >> >> Cheers >> >> Tom >> >> >>> -----Original Message----- >>> From: Michael [mailto:[email protected]] >>> Sent: 14 July 2010 09:31 >>> To: [email protected] >>> Subject: [Astlinux-users] Static routes >>> >>> Hello >>> >>> Just a short question: Where would I add static routes into astlinux? >>> >>> In my LAN I have another (small) router with a subnet. >>> Actually, it is a linux box that simply connects another room >>> via WLAN with the astlinux main router. >>> >>> I would liked to have used bridging instead of nat for the >>> small router but there seems to be a bug in wpa_supplicant >>> that does not allow it to work properly on a bridge. >>> >>> So I need to define a static route into the astlinux router, >>> something like: >>> >>> So, if my main LAN is 192.168.0.0/25 and the subnet is >>> 192.168.0.128/29 then I would need to add a route like this >>> >>> route add -net 192.168.0.128 netmask 255.255.255.248 gw >>> 192.168.0.129 dev >>> br1 >>> >>> Hmm, I guess I also need to adapt the firewall as it will >>> only forward data from EXTIF to INTIF for the main net... (?!) >>> >>> Or is there a simple way to do it which also adapts the >>> firewall accordingly? >>> >>> Thanks >>> >>> Michael >>> >>> ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
