Hey everyone
new user on the list.
i am currently working on a new home network setup. i have been using
smoothwall for about 2 weeks, and am disappointed to see how much i learned
:P using their pretty web gui ... so i'm doing it myself!
but with a couple differences. i want the DMZ part to connect to the NET via
PPPoE, ie NOT port forwarding, the connections just have to pass through the
firewall box ... so that is a bridge. using slackware 8.1 with 2.4.18, i have
not been able to patch the kernel (constant errors), so got .19 ... no
troubles ... now i have a bridge that can filter (i have not tried
connecting a machine with pppoe under the bridge box yet).
but ... it would go further than that. since i also have a section of my
network i want to keep off limits to visitors. so, like smoothwall, NAT is
the answer.
but here is where i lose it.
on the box there are 3 NICs, you figured it out, 1 for the outside world,
one for a private subnet and the other for the DMZ.
as i explained before ... the DMZ NIC is a bridge with the outside NIC.
(firewalled)
but, since i want to NAT connections from my private subnet, i also need the
outside NIC to connect the bridge box via PPPoE ... thus making it a gateway
at the same time
so, the outside NIC is used as a part of the bridge to the DMZ and to
connect the bridge box to the internet to act as a gateway for the private
subnet...
this should be possible ... i haven't read anything proving me wrong. (please
correct me if ever i am wrong)
the bridge box is now running kernel 2.4.19 patched for bridge firewalling.
the NIC drivers are built in. Bridging is built in.
bridge firewalling is built in. but iptables remains as modules. please note
that they may be built in the kernel, but brctl hasn't been installed, no
routes have been defined. so it should be the same thing as 2.4.18, but
everything built in, plus bridging+firewalling
i cannot connect with rp-pppoe ... (a plain timeout is what i get) ... i
have tried disabling all the NICs (apart from one of course), i have tried
all the NICs ... i can't connect with 2.4.19 patched!
here is what tcpdump says:
14:44:11.989926 PPPoE PADI [Service-Name] [Host-Uniq UTF8]
14:44:12.009608 PPPoE PADO [Service-Name] [Host-Uniq UTF8] [AC-Name "62031100098918-sms9-montreal02"]
14:44:12.009836 PPPoE PADR [Service-Name] [Host-Uniq UTF8]
14:44:12.027316 PPPoE PADS [ses 0x2a2f] [Service-Name] [Host-Uniq UTF8] [AC-Name "62031100098918-sms9-montreal02"]
14:44:12.078391 PPPoE PADT [ses 0x2a2f] [Host-Uniq UTF8] [Generic-Error "RP-PPPoE: System call error: Input/output error"]
at the end of lines 2 and 4, you will notice "montreal" ... that part is
right ...
i am not some networking guru, so advice would be appreciated. either about
the setup question, and rp-pppoe ...
but if either one of the problems is answered on the negative side, this
whole idea is trash worthy ... (or almost)
anyway. this post is long enough as it is. nonetheless, it's as clear as it
can be (i think/hope) :P
lawrence
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
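
An added example, not part of the original post: a small Python parser that walks the PPPoE discovery sequence in a tcpdump trace like the one in the message and reports whether PADS was reached and how the session was torn down. The function names are hypothetical, and treating a Generic-Error text that begins with "RP-PPPoE:" as written by an rp-pppoe process is an assumption.

```python
import re

# The five discovery packets from the post, with the wrapped lines rejoined.
TRACE = """\
14:44:11.989926 PPPoE PADI [Service-Name] [Host-Uniq UTF8]
14:44:12.009608 PPPoE PADO [Service-Name] [Host-Uniq UTF8] [AC-Name "62031100098918-sms9-montreal02"]
14:44:12.009836 PPPoE PADR [Service-Name] [Host-Uniq UTF8]
14:44:12.027316 PPPoE PADS [ses 0x2a2f] [Service-Name] [Host-Uniq UTF8] [AC-Name "62031100098918-sms9-montreal02"]
14:44:12.078391 PPPoE PADT [ses 0x2a2f] [Host-Uniq UTF8] [Generic-Error "RP-PPPoE: System call error: Input/output error"]
"""

LINE = re.compile(r"^(\d+):(\d+):(\d+)\.(\d{6}) PPPoE (PAD[IORST])(.*)$")
TAG = re.compile(r'\[([\w-]+)(?: ("[^"]*"|[^\]]*))?\]')
ORDER = ["PADI", "PADO", "PADR", "PADS"]  # discovery sequence in RFC 2516


def parse(trace):
    """Return one dict per PPPoE discovery line: time in microseconds, code, tags."""
    packets = []
    for line in trace.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a PPPoE discovery line
        h, mi, s, us, code, rest = m.groups()
        t_us = ((int(h) * 60 + int(mi)) * 60 + int(s)) * 1_000_000 + int(us)
        tags = {k: v.strip('"') for k, v in TAG.findall(rest)}
        packets.append({"t_us": t_us, "code": code, "tags": tags})
    return packets


def summarize(packets):
    """Walk the PADI/PADO/PADR/PADS sequence and record how the session ended."""
    out = {"complete": False, "session": None, "terminated": False,
           "error": None, "lifetime_us": None, "rp_pppoe_text": False}
    stage, pads_t = 0, None
    for p in packets:
        if stage < len(ORDER) and p["code"] == ORDER[stage]:
            stage += 1
            if p["code"] == "PADS":  # the session id is assigned here
                out.update(complete=True, session=p["tags"].get("ses"))
                pads_t = p["t_us"]
        elif p["code"] == "PADT" and p["tags"].get("ses") == out["session"]:
            out["terminated"] = True
            out["error"] = p["tags"].get("Generic-Error")
            if pads_t is not None:
                out["lifetime_us"] = p["t_us"] - pads_t
            # Assumption: text starting "RP-PPPoE:" was written by an rp-pppoe process.
            out["rp_pppoe_text"] = (out["error"] or "").startswith("RP-PPPoE:")
    return out


if __name__ == "__main__":
    print(summarize(parse(TRACE)))
```

On this trace the summary shows discovery completing with session 0x2a2f and a PADT for the same session 51075 microseconds after the PADS.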
