Hi,
If you don't mind, could you tell me what IP & netmask I should set eth2: to,
please.
> Date: Mon, 4 Feb 2008 11:28:14 +0000> To:
> [email protected]> From: [EMAIL PROTECTED]> Subject: Re:
> [Shorewall-users] Can't SSH from DMZ to $FW, or to LOC> > P Hennessy wrote:>
> > >Shorewall 4.0.8> >3 Interface> >> >eth0: 192.168.1.1 255.255.255.0
> #connected to Modem> >eth1: 10.10.1.3 255.0.0.0 #loc> >eth2: 10.10.2.3
> 255.255.254.0 #DMZ> >> >In the POLICY File, all is set to REJECT> >>
> >INTERFACES:> >net ppp0 detect > >routefilter,norfc1918,tcpflags,blacklist>
> >modem eth0 detect> >loc eth1 10.10.1.255 tcpflags,dhcp> >dmz eth2
> 10.10.2.255 tcpflags,dhcp> > > >Am I missing something in the above setup> >
> Yes, your IP config is invalid.> > > 10.10.2.0/23 is a subset of 10.0.0.0/8 -
> therefore eth1 and eth2 have > overlapping IP addresses.> > Your broadcast
> addresses are also wrong in the interfaces file:> 10.0.0.0/8 has a broadcast
> of 10.255.255.255> 10.10.2.0/23 has a broadcast of 10.10.3.255> > >
> ------------------------------------------------------------------------->
> This SF.net email is sponsored by: Microsoft> Defy all challenges.
> Microsoft(R) Visual Studio 2008.>
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/>
> _______________________________________________> Shorewall-users mailing
> list> [email protected]>
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
_________________________________________________________________
Get 30 Free Emoticons for your Windows Live Messenger
http://www.livemessenger-emoticons.com/en-ie
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
