[Leaf-user] Re: Your DMZ setup on LRP

Tue, 01 Jan 2002 15:48:49 -0800 

Subject: Your DMZ setup on LRP
>Date: Tue, 1 Jan 2002 22:54:49 UT
>
>I was just wondering if you could post a .LRP package of the files you
>had to modify in order to get your setup to work.
>I could benefit from them and I am sure many others would as well.
>
>Happy New Year!!
>                         Scott
>--
>   Scott Palmer
################

By no way am I an expert on LRP.  I just started using it last week becuase 
I did not have enough money to buy a Linksys router.

I can show what I have if it can help.

I am using the Dachstein image
kernal 2.2.19 that I got from http://lrp.steinkuehler.net

I added 3 network cards eth0 eth1 are as normal for a simple setup for 
external and private lan.

eth2 which is the NIC for the DMZ

I use a crossover cable to connect to the DMZ system.

here is the script.

eth2_IPADDR=192.168.10.254
eth2_MASKLEN=24
eth2_BROADCAST=+
eth2_IP_SPOOF=YES
eth2_IP_KRNL_LOGMARTIANS=YES
eth2_IP_SHARED_MEDIA=NO
eth2_BRIDGE=NO
eth2_PROXY_ARP=NO
eth2_FAIRQ=NO

EXTERN_TCP_PORTS="0/0_80"

###############################################################################
# DMZ setup (optional)
###############################################################################
# Whether you want a DMZ or not (YES, PROXY, NAT, PRIVATE, NO)
DMZ_SWITCH=PRIVATE
DMZ_IF="eth2"
DMZ_NET=192.168.10.0/24



DMZ_OPEN_DEST=" udp_${DMZ_NET}_domain
                tcp_${DMZ_NET}_domain
                icmp_${DMZ_NET}_:
                tcp_${DMZ_NET}_www
                tcp_192.168.10.22_www"  #this is the dmz system

# PRIVATE DMZ switches
###############################################################################
# Services port-forwarded to the DMZ network
# Indexed list: "Protocol LocalIP LocalPort RemoteIP [ RemotePort ]"
DMZ_SERVER0="udp ${EXTERN_IP} domain 192.168.2.12 domain"
DMZ_SERVER1="tcp ${EXTERN_IP} domain 192.168.2.12 domain"
DMZ_SERVER1="tcp ${EXTERN_IP} 80 192.168.10.22 80"
DMZ_SERVER4="tcp ${EXTERN_IP} www 192.168.10.22 www"

# Allow all outbound traffic from DMZ (YES)
# or just traffic from port-forwarded servers (NO)
DMZ_OUTBOUND_ALL=YES

Dont forget to set the DMZ system up correctly.
The default gateway must be the IP of eth2 ie  192.168.10.254.


I hope this does not cause more trouble.




_________________________________________________________________
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx


_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

Reply via email to