On Tue, May 07, 2019 at 08:25:52AM +0200, Stijn De Weirdt wrote: > hi all, > > i'm struggling with a network setup i want to achieve, and i'm not sure > what shorewall features i need to use (or if it can be achieved at all). > > i want to setup a dual gateway of some sort: i have a linux host with 3 > network interfaces: > eth3 is connected to private network, and i need NAT for this network > eth8 is connected to the ISP > eth6 is connected to a local public network. this host supposed to be > the gateway/router for this subnet > > what i now want to achieve is that i can use the gateway IP of eth6 > (*not* the ISP ip from eth8) for the NAT and also that i can setup port > forwarding on the the IP of eth6. > > trying to wrap my head around the issue, i think i want to tell > shorewall to not consider eth8 as part of the FW, and use it for routing > to eth6 and (hopefully) still allow filtering. > > many thanks for any tips (and apologies if this makes no sense ;) > I am not sure that I fully understand what you are describing. However, it seems like it lines up with the three-interface HOWTO [0]. In the terms of the HOWTO, your interfaces would be like this:
eth3 - LAN eth8 - Internet/WAN eth6 - DMZ At least, that is what I think you are trying to accomplish. Have a look at the HOWTO and follow-up if you still have questions. Regards, -Roberto [0] http://www.shorewall.org/three-interface.htm -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: PGP signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
