>WHAT I WANT >--------------- >i would like my NET_B to have the same subnet of NET_A but they should >be "separated" by shorewall. >for example a pc in NET_A should have 192.168.1.10 ip, and a pc in NET_B >should have 192.168.1.10, but they should not see each other and they >should not conflict > >wifi router (192.168.1.1) > |-> eth1 (192.168.1.99) - shorewall - eth0 (192.168.1.1 OR other) <-> >NET_B (192.168.1.0/24) > |-> NET_A (192.168.1.0/24) > >all traffic from NET_A to NET_B DROPPED >all traffic from NET_B to NET_A DROPPED > >eth0 should be 192.168.1.1 if possible, or should be >192.168.1.anyothernumber, the important think is that NET_B. > >i've try with proxyarp and nat to make thinks works like this but i'm >not able to do this. >can anyone help me?
Not really, what you are asking for is not a valid IP setup. You could have the two networks using the same IP subnet if you run your shorewall as a bridge, but you would still not be able to have the same IP in use on both networks. Think about it, the firewall has a packet addressed to 192.168.1.10 - does it send it to the device with that address in NET_A, or the different device with the same address in NET_B ? Perhaps if you explained what your problem is/what you are trying to achieve then we might be able to suggest alternative ways of doing it. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
