Greetings, Bering-RC3 Working as far as I know 100% Hardware issues are solved. THANKS!
Status - Cable company only routes IP to MAC's. I want 5 IP's I need 5 MAC's on Lan Segment. OK, so I got 3 there now, plus 2 pointed back (loc and dmz) There seems to be 3 ways to do anything in Shorewall. Whats the best way to do the following: On the INTERNET side, I have 3 static IP's (1.1.1.1, 1.1.1.2, and 1.1.1.3) One (1.1.1.1) will also be the default gateway for the MASQ'd net. These will be the IP's used to access 3 servers inside the dmz (now at 192.168.10.243, 192.168.10,244 and 192.168.10.245) To start with, lets put all ports out there, and we'll tighten it up later.. Proxy Arp doesn't seem to like the fact that the server IP and interface IP are the same. With the rules file containing this on the last line: DNAT net:1.1.1.1 dmz:192.168.1.243 all - Looks like all packets are being dropped. Log entry looks like: Jul 26 10:30:56 firewall kernel: Shorewall:net2all:DROP:IN=eth1 OUT= MAC=00:40:f4:58:03:f3:00:07:0d:ae:68:70:08:00 SRC=208.8.184.240 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=471 DF PROTO=TCP SPT=1029 DPT=25 WINDOW=32120 RES=0x00 SYN URGP=0 I'd like to keep this as simple as possible to start with. Clues, please? NAT? SNAT? DNAT? (READ CHAPTER XX DUMMY, answers are acceptable) harold miller -- This message has been scanned for viruses and dangerous content by NW.NET's MailScanner, and is believed to be clean. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
