mess-mate wrote: > Martin Leben wrote: > >> 1.a) Install the web and mail software on the 1st machine and move the >> associated data from the 2nd machine and get rid of the 2nd machine. >> ... OR: >> 1.b) Install shorewall and a second network card in the 2nd machine and get >> rid >> of the 1st machine. >> >> 2) Replace DNAT rules with ACCEPT rules. > > in fact my only problem is "what to do with the DMZ zone with option 1b".
Regardless if you choose 1.a or 1.b above, you end up with one machine with shorewall, mail and web and two network cards. In other words a two-interface machine: One "net" and one "loc". So you can just delete the "dmz" zone from /etc/shorewall/zones and remove the corresponding interface from /etc/shorewall/interfaces. (I am hoping that I haven't misunderstood you. Speak up if I have!) > Sorry if it is a very basic question, but i'm not a currently shorewall > nor firewall installer :( Don't worry. If you think you have done your "homework", you are free to ask. Good luck! /Martin Leben ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
