On Tue, Mar 25, 2008 at 07:13:19PM +0000, Werner van Staden wrote: > eth7 should have an address in the same subnet (192.168.2.0) as eth0, > right? Yet, having the loc and dmz zones on the same subnet seems > counter intuitive and insecure...
Security has got nothing to do with address assignment and subnets. Address assignment and subnets are all about routing. Routing is about deciding *where* traffic will go, not *which* traffic will go. You don't appear to understand how IP routing works. Either learn, or find somebody who does and get them to do it for you. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
