[Shorewall-users] Problem with Static NAT.

Ian David Laws ian at the-laws-clan.de
Mon Jun 9 17:34:33 PDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 09 June 2003 16:01, Tom Eastep wrote:
> On Sun, 8 Jun 2003 22:34:27 -0700 (PDT), Steve Herber <herber at thing.com>
>
> wrote:
> > We are not carpenters, but more like architects and architects have lots
> > of plans on file for a wide range of structures, some with two room
> > others with three rooms.  I think most professions have cookie cutter
> > plans for their most common configurations.  After looking at common
> > configurations you can pick the plan that most closely matches your
> > needs.
> > Then you start customizing.
> >
> > The current examples, which are great, do not cover the multiple IP
> > address case.  I would like to see at least two more examples covering
> > the multiple static IP case, one using NAT and the other using Proxy ARP.
> >
> > I wonder if other Shorewall users have some examples that they could
> > contribute?
>
> I think we are talking about different things here. I'm talking about the
> setup guide which I assert contains all of the information needed to set up
> a two-interface firewall with multiple public IPs. It uses a three-
> interface setup as an example because I believe that configuration is more
> common and contains the two-interface case as a proper subset. If someone
> wants to take that document and hack it to be two-interface specific,
> that's fine.
>
> You seem to be talking about sample configurations complete with QuickStart
> Guides to match. Such samples/guides require ongoing maintenance with every
> Shorewall release so it's not just a case of capturing some user's
> contribution and publishing it.

May be there is someone willing to take the time and do that maybe someone who 
has set this up. :-)

I personanly do not have problems with setting a firewall up with the 
configuration guides and the A&Q.
:-)  They are quickly adaptive I find to most setups required. :-)
 
Ian
>
> -Tom

- -- 
A child of five would understand this.
Send someone to fetch a child of five.
Groucho Marx

- ----------------------------------------------------
This mail has been scanned for virus by
AntiVir for UNIX
Copyright (C) 1994-2003 by H+BEDV Datentechnik GmbH.
PGP ID: 589F8449 
Fingerprint: EB1C FACF 6BEB 540E 8AC0  F04E 2A25 A2F1 589F 8449
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+5Jr5KiWi8VifhEkRAsHUAKCvFmFlzRPbx6vV3hX910cvhvvj/gCfXsbr
aU35MNQrHHbfV8JQ6CjesSI=
=DBFg
-----END PGP SIGNATURE-----



More information about the Shorewall-users mailing list