On Tue, 26 Feb 2008, Tom Eastep wrote: > Pieter Donche wrote: >> On Mon, 25 Feb 2008, Simon Hobson wrote: > nge the hostname). >> >> >> If I read the netstat -nr tables the routing looks to follow the directions >> I want. >> >> >> The setup worked for years in Shorewall 1.0.3 and also in my test setup >> in Shorewall 4.0.6. >> > > Shorewall cannot cause the martian messages you are seeing. Given that we've > established that you haven't bridged the interfaces externally, I would next > carefully check the cabling. Traffic from your local network is arriving on > eth0 -- that means that eth0 is cabled to the local network even though you > have defined eth0 as your 'net' interface.
Maybe my description was not so clear: I want ABC.DEF.75.* to be behind my firewall (75.1-13 are my servers, 75.16-253 are other PCs in my building), everthing else I consider as 'net', and this is a campus netwerk ABC.DEF.XXX.YYY, with XXX e.g. 70, 71-74, 76-79, 80, 81, etc... and also the whole rest of the 'Internet'. 143.129.70.201 is the address where everything (either from the campus or from Internet) is routed to if it has a ABC.DEF.75.* destination address. (Sorry, I may have referred to my campus network as my 'local network', 'local' was not the appropriate word to use, since in fact it just the opposite of what my 'loc' zone is...) > The detection of interfaces is non-deterministic in recent kernels so the > distributions have installed measures to insure that the assignment of > interface names to NICs is stable. But that should also be checked. Sorry, this is a bit too high-brow, I am afraid I don't grasp what you mean.. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
