Thanks! I tried what you said I put 192.168.10.1 with 255.255.255.0 netmask and I think it works now. :D
For this purpose: workstations --- eth0 firewall eth1 --- internet will it work? As my workstations is: 192.168.8.11 I can't see 192.168.10.1. So I changed my workstation to 192.168.10.11 and I can successfully see 192.168.10.1. Now when using squid, will I be able to access the internet throught this path: my ws[192.168.10.11] --> eth0[192.168.10.1] squid eth1[192.168.8.232] --> network router(not in my control but configured to nat 192.168.8.232 to 202.138.xxx.xxx) --> internet If I have apache web server in my workstation: my ws[192.168.10.11] <-- eth0[192.168.10.1] iptables eth1[192.168.8.232] <-- network router(not in my control but configured to nat 192.168.8.232 to 202.138.xxx.xxx) <-- internet[202.138.xxx.xxx] I hope to implement this using iptables. eth0: 192.168.10.1 netmask=255.255.255.0 broadcast=192.168.255.255 eth1: 192.168.8.232 netmask=255.255.0.0 broadcast=192.168.255.255 I can't change the 192.168.8.x netmask because that is what our network has done to the router. Here is route: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.10.240 0.0.0.0 UG 0 0 0 eth1 fritz <www.mesedilla.com> --- + Basta Ikaw Lord > -----Original Message----- > From: alben benavente alteza [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 22, 2003 11:21 AM > To: Philippine Linux Users Group Mailing List > Subject: Re: [plug] network interfaces > > > shouldn't put the same subnet ip addresses on different nics. I tried > making eth0 into 192.168.10.1. Still doesn't work. > > Still your using the same subnet in def NIC since your > network is /16. use > this ip again 192.168.10.1 then change all your netmask to > 255.255.255.0, > this will work. > > review your network assignment scheme. > > On Wednesday 22 October 2003 10:36, Fritz Mesedilla wrote: > > Sorry I wasn't able to reply again. There seemed to be a > problem with our > > email. It keeps on bouncing. I think we might be exceeding > our bandwidth. > > :D > > > > Thank you to Al Maclang for replying. I was able to see > your reply through > > the october archives. > > > > Anyway, here is our current setup: > > DEVICE=eth0 > > IPADDR=192.168.8.233 > > NETMASK=255.255.0.0 > > BROADCAST=192.168.255.255 > > BOOTPROTO=none > > NETWORK=192.168.0.0 > > ONBOOT=yes > > > > DEVICE=eth1 > > IPADDR=192.168.8.232 > > NETMASK=255.255.0.0 > > BROADCAST=192.168.255.255 > > BOOTPROTO=none > > NETWORK=192.168.0.0 > > ONBOOT=yes > > > > 192.168.8.233 - represents local lan no access to internet > > 192.168.8.232 - represents internt access > > > > > > ifconfig produces: > > eth0 Link encap:Ethernet HWaddr 00:02:55:EE:C3:91 > > inet addr:192.168.8.233 Bcast:192.168.255.255 > Mask:255.255.0.0 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:341396 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:6777 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:100 > > RX bytes:188778694 (180.0 Mb) TX bytes:764553 (746.6 Kb) > > Interrupt:10 Base address:0xa000 > > > > eth1 Link encap:Ethernet HWaddr 00:10:5A:D0:19:16 > > inet addr:192.168.8.232 Bcast:192.168.255.255 > Mask:255.255.0.0 > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > RX packets:1769753 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:1428053 errors:0 dropped:0 overruns:0 carrier:1 > > collisions:0 txqueuelen:100 > > RX bytes:434467748 (414.3 Mb) TX > bytes:1172955565 (1118.6 Mb) > > Interrupt:10 Base address:0xb800 > > > > lo Link encap:Local Loopback > > inet addr:127.0.0.1 Mask:255.0.0.0 > > UP LOOPBACK RUNNING MTU:16436 Metric:1 > > RX packets:38565 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:38565 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:0 > > RX bytes:5573561 (5.3 Mb) TX bytes:5573561 (5.3 Mb) > > > > route produces: > > Kernel IP routing table > > Destination Gateway Genmask Flags > Metric Ref Use > > Iface 192.168.0.0 * 255.255.0.0 U > 0 0 > > 0 eth1 192.168.0.0 * 255.255.0.0 U > 0 0 > > 0 eth1 127.0.0.0 * 255.0.0.0 U > 0 0 > > 0 lo default 192.168.10.240 0.0.0.0 UG > 0 0 > > 0 eth1 > > > > > > When I try: > > - /etc/init.d/network stop > > - ifup eth0 > > > > Nothing happens. Parang hindi naka-set yung eth0. Someone > mentioned I > > shouldn't put the same subnet ip addresses on different > nics. I tried > > making eth0 into 192.168.10.1. Still doesn't work. > > > > I just want local users to pass through eth0 and out eth1 > for security > > reasons. > > > > Thanks. > > > > > > fritz <www.mesedilla.com> > > --- > > + Basta Ikaw Lord > > > > > > > ---------------------------------------------------------------------- > > This email and any files transmitted with it are confidential and > > intended solely for the use of the individual or entity to whom they > > are addressed. If you have received this email in error > please notify > > the sender immediately by e-mail and delete this e-mail from your > > system. Please note that any views or opinions presented in this > > email are solely those of the author and do not necessarily > represent > > those of the company. Finally, the recipient should check this email > > and any attachments for the presence of viruses. The company accepts > > no liability for any damage caused by any virus transmitted by this > > email. > > > > Overture Media, Inc. > > Direct Line: (632) 635-4785 > > Trunkline: (632) 631-8971 Local 146 > > Fax: (632) 637-2206 > > Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. > Ortigas Ave., > > Quezon City 1100 > > -- > Alben Benavente Alteza > > Information Systems Security Administration > > Information Systems Dept./ Philippine Airlines > > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > ---------------------------------------------------------------------- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately by e-mail and delete this e-mail from your system. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Overture Media, Inc. Direct Line: (632) 635-4785 Trunkline: (632) 631-8971 Local 146 Fax: (632) 637-2206 Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100 -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
