On 03/09/2012 12:13 PM, Wojtek wrote: > Hello, > > My ISP allows me to place one of my computers (10.0.0.1) in a "DMZ", which > means > that all traffic directed to my public IP address (say 200.200.200.200) will > be > transparently forwarded to that machine. > It does not handle the trusted LAN (10.0.0.0/24) it is part of, the NAT is > done > by the ADSL box. It is also not a true DMZ as the 10.0.0.1 computer does not > own/manage the public IP. > > What would be the correct way to define zones on 10.0.0.1 in that case? I am > looking at limiting the inbound traffic from Internet to a few ports, outbound > open, inbound from the LAN open. > > I read the ""Shorewall Setup Guide" but none of the setups seems to be aligned > with my case. > Thank you for any pointers!
http://www.shorewall.net/Multiple_Zones.html#Special shows this type of setup. In that example, the special zone is a sub-zone of the 'loc' zone but the technique is the same in any zone. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
