On Fri November 5 2004 12:06 pm, FX Fraipont wrote:
Straighten out 9.2's eth0 and eth1. You are right that both cards shouldn't be used as eth1. eth-id-00:a0:24:29:24:d3 = eth?
eth0
eth-id-00:04:61:58:24:62 = eth?
eth1
Plus, on the conceptual side, if a single machine provides the internet access and the firewall and the masquerading, is the "space " between 192.168.0.99 (lan adress) and 192.168.2.21 (the eth card connected to the adsl modem) demilitarized? I keep reading these dmz settings in SuSEfirewall2, but can't use them....
And I still don't know why I am getting this ipfwadm error message.
fx
The DMZ is usually thought of as outside of the router/firewall box. Somewhere in between the external/internet and internal/local LAN. Probably easier to think of it as if you had an eth2 pointing to something like 192.168.20.x where you have a SQL server or a web server that you can't trust on your local LAN because you have them exposed to the internet. Help me out on your IP addressing scheme. You say eth0=192.168.2.21 to the dsl modem. You say eth1 is 192.168.0.99 to your internal LAN. Then in SuSEfirewall2 you define another network for FW_MASQ_NETS="192.168.10.0/24". Where is that? That should be "192.168.0.0/24" to masquerade your internal LAN through eth0 to the Internet. I'm researching that ipfwadm message also. Stan