Buchan Milne <[EMAIL PROTECTED]> writes:
Hello,
> ...
>
> The basic stuff should rather not set a WINS server address, otherwise the
> newbies will be confused as to why browsing suddenly failed ....
>
ok, so I'll comment the two lines for the future
> >>4)Routing without masquerading
> >
> >you're right again, this firewall was designed for small offices and
> >therefore we assumed that will be no public internal networks. We are
> >masquerading everything and did not give the opportunity to route
> >without masquerading ...
> >
> > As I said, we still have a lot to do ...
> If you try and do everything yourself, you might have it exactly the way
> you want it, but it takes a long time. If you give me some pointers on how
> you would do things, and how I can help, I will lend a hand. I need to be
> able to hand admin of the firewall off to someone in about a month if
> possible, and would like to have some of these issues resolved.
you should go and edit the /etc/bastille-firewall.conf file and modify it
a bit.
You should allow your internal public network before the masquerading
lines.
run the ipchains-save command to have an idea.
cheers,
--
Florin http://www.mandrakesoft.com
