On 3/7/11 10:30 AM, Gianluca Varenni wrote: > Tom, > > How do you suggest to configure shorewall, then? > Consider that the traffic between LAN and 10.0.0.0/8 will still need to be > NATted. >
Then NAT it -- an interface doesn't have to be associated with a provider to use NAT. Simply route 10.0.0.0/8 via whatever gateway is appropriate. I would set up eth0 as a separate zone so you can use policies and rules more conveniently to control access. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ What You Don't Know About Data Connectivity CAN Hurt You This paper provides an overview of data connectivity, details its effect on application quality, and explores various alternative solutions. http://p.sf.net/sfu/progress-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
