> Well, i didn't grow up with messenger at my fingertips and that didn't > kill me. I think it's wrong to consider that someone will lose > productivity if it's cut off from modern ways of communicating. > > I for one do not use messenger anymore at my workplace since the general > manager requested that i block IM access. And normal mail like yahoo mail > and others is still functional. The baddest thing that IM brings is > exactly the inerruption of workflow. If you have an ideea and someone > buzzes you most of the time you lose it if you stop what you were thinking > and start chattting with that person. > > Getting back to the original problem, my best approach that i could come > up with is splitting the lan in multiple subnets with different access > rights. > > Say, the developers subnet does not have access to IM and some sites (IM > proxying sites and others) and the sales peoples subnet has full access to > internet. > > We have a fileserver on the corporate network which runs a samba domain > controller but i stumbled on some problems regarding subnets. > > I have only one nic which connects all the workstations to the internet. > > I run the samba domain controller in a virtual machine using openvz. The > problem is that i cannot have many subnets connecting to the shorewall box > because shorewall does not accepts the routeback parameter if an interface > sits on more subnets. > > I was thinking at (as the documentation states) using multiple subnets on > the same interface. > > I create the aliases and the zones but i need that some of the subnets to > talk to each other hence i need to use the routeback option for the lan > interface. > > the error messaage goes like this : > > Validating interfaces file... > ERROR: The routeback option may not be specified on a multi-zone > interface > > Does someone made a similar setup and can give a few tips ? >
I hit the send button too soon :) The samba domain controller is connecting to the shorewall box through a virtual ppp interface that is on one subnet. Virtual network = 192.168.100.0 local subnet1 = 192.168.0.0 local subnet2 = 192.168.1.0 The problem is that both the local subnets are able to talk with the virtual subnet but not with each other. (i presume because of the routeback option) ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
