Hello!
I need your support to define an appropriate configuration for the network architecture I have documented in the attachment.
There are some things that make this network architecture "special":
1. 2 default gateways according to this howto https://www.thomas-krenn.com/en/wiki/Two_Default_Gateways_on_One_System
2. Routed configuration on Proxmox VE server according to this howto https://pve.proxmox.com/wiki/Network_Model#Routed_Configuration
3. Masquerading (NAT) on 2 NICs according to this howto https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29
The definition of 2 default gateways ensures that any traffic on LAN 192.168.178.0/24 will communicate via gateway 192.168.178.1, and any other traffic on LAN 10.0.0.0/24 and DMZ 10.1.0.0/24 will communicate via gateway 10.0.0.1 and 10.1.0.1 respectively.
This configuration is working based on the howto guides w/o firewall.
The challenge is to add firewall functionality, but I don't know if I need to revert the modifications in /etc/network/interfaces or /etc/iproute2/rt_tables.
The main question is:
Who can support me with the configuration of Shorewall?
How should /etc/shorewall/interfaces be defined?
How many zones should be in /etc/shorewall/zones?
Do I need to define multiple providers in /etc/shorewall/providers to enable 2 default gateways?
THX
network.pdf
Description: Adobe PDF document
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users