I didn't quite understand what you were asking but I'm going to answer what
I think you're trying to do.
Are you trying to allow 192.168.6.0/24 addresses to query your dns server
(the firewall)? If you are you need to:
---- I think you've got your DEST and SOURCE zones mixed.
FOR DNS, there's a macro so there's less typing:
DNS(ACCEPT) guest $FW
Also you added a line for DHCP, what you should do instead of adding that
line is, edit your interfaces file and add the option dhcp to the interface
that the dhcp server listens on. So if your dhcp server is listening on
eth0, you would:
interfaces:
loc eth0 detect dhcp
On Wed, Sep 11, 2013 at 11:00 AM, María Teresa Mondragón Reye <
[email protected]> wrote:
> Hi,
>
> I would really apreciate some help.
>
> I have ethernet link with two alias interfaces:
>
> eth1 192.168.4.0/24
> eth1:0 192.168.6.0/24
>
> loc ipv4 where loc zone is 192.168.4.0/24
> guest ipv4 where guest zone is 192.168.6.0/24
>
> A firewall wich is also DNS gateway
>
> In order to asign ip address from fw to "guest" zone i put in rules file:
> .
> .
> .
>
> ACCEPT $FW guest tcp 53
> ACCEPT $FW guest udp 53,67,68
>
> ACCEPT $FW all icmp 8
> ACCEPT guest $FW icmp 8
> .
> .
> .
>
> the problem is that it doesn't work. The network guest doesn't reach the
> network and not
> guet an ip address
>
> thanks for your help
>
> teresa mondragón
>
>
>
>
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. Consolidate legacy IT systems to a single system of record for IT
> 2. Standardize and globalize service processes across IT
> 3. Implement zero-touch automation to replace manual, redundant tasks
> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
