I want to protect our network with a firewall that should run on a SuSE machine (kernel 2.2 stable).
There is a router that provides a permanent DSL connection to the net. Normally this router is the gateway for all machines on the local net - but now I want to put a firewall between.
The network has official IP addresses and all machines shall use these, which means that I do not want to have masquerading. This is a bit difficult, because you have the same subnet on both sides of the Linux box. It is much easier to get a single official IP for the firewall, and a subnet behind the firewall (also official). If you can't get new IP addresses, you may need to do ethernet-bridging and firewalling, maybe there is a howto?
Strange... I thought enabling IP_FORWARD will route all traffic from one NIC to the other? I also have configured route.conf to send traffic for the local network to the NIC that is connected with this network. All other traffic is routed to the default gateway which is my DSL router. This works pretty good at the moment. Only forwarding doesn't work. Michael
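
The "same subnet on both sides" problem raised in this thread comes down to each sender's on-link decision, which the following added example models (it is not part of the original posts). All addresses are constructed from documentation ranges, and `next_hop` and `passes_firewall` are hypothetical helper names.

```python
import ipaddress

def next_hop(src_if, dst, via):
    """IP address a sender ARPs for when sending to dst.

    src_if: sender's address with prefix, e.g. "192.0.2.10/24"
    via:    the router the sender uses for destinations that are not on-link
    """
    iface = ipaddress.ip_interface(src_if)
    dst = ipaddress.ip_address(dst)
    # On-link destinations are resolved by ARP directly; no router is consulted.
    return dst if dst in iface.network else ipaddress.ip_address(via)

def passes_firewall(src_if, dst, via, firewall_ips):
    """True if the first hop is a firewall address, so it can forward and filter."""
    fw = {ipaddress.ip_address(i) for i in firewall_ips}
    return next_hop(src_if, dst, via) in fw

def demo():
    internet = "198.51.100.7"            # constructed remote host
    # Layout A: one /24 on both sides of the Linux box (constructed).
    fw_a = ["192.0.2.2", "192.0.2.3"]    # outside NIC, inside NIC
    # Layout B: router link in the lower /25, LAN in the upper /25 (constructed).
    fw_b = ["192.0.2.2", "192.0.2.129"]
    return {
        # LAN host with the firewall's inside NIC as gateway: outbound is seen.
        "A_outbound": passes_firewall("192.0.2.10/24", internet, "192.0.2.3", fw_a),
        # DSL router replying to that host: the host looks on-link, so the router
        # ARPs for it directly and never hands the packet to the firewall.
        "A_return": passes_firewall("192.0.2.1/24", "192.0.2.10", "203.0.113.1", fw_a),
        # Split layout: the LAN host is off-link for the router, which uses a
        # static route via the firewall's outside address (assumed configured).
        "B_outbound": passes_firewall("192.0.2.130/25", internet, "192.0.2.129", fw_b),
        "B_return": passes_firewall("192.0.2.1/25", "192.0.2.130", "192.0.2.2", fw_b),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'via firewall' if ok else 'bypasses firewall (direct ARP)'}")
```

In layout A the return path depends on ARP crossing the Linux box, which plain IP forwarding does not do; that is why the thread points to either a separate subnet behind the firewall or ethernet bridging.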