Mailinglist Archive: opensuse (2982 mails)

< Previous Next >
Re: [opensuse] Shorewall (was; Re: [opensuse] Martin Glötzl-Koch STOP BOUNCING LIST MAIL)
  • From: Boyd Lynn Gerber <gerberb@xxxxxxxxx>
  • Date: Wed, 7 Mar 2007 09:14:43 -0700
  • Message-id: <Pine.LNX.4.64.0703070827390.32554@xxxxxxxxxxxxxxx>
On Wed, 7 Mar 2007, John Andersen wrote:
> On Tuesday 06 March 2007, Jon Clausen wrote:
> > I'm by no means an iptables authority, and I'll probably never become one
> > either.
>
> But Tom Eastep (Shorewall author) is.  The guy is a wizard, and really knows
> his stuff.  I've been using shorewall for years on Suse and now also on
> Kubuntu.
>
> What ever you do READ the QUICK START GUIDES.  It will save
> so much time.
>
> Every site I maintain does egress filtering with Shorewall. Especially
> for port 25.

Could I get a sample of some of your configs?  My main problem is as such.
I have SuSEfirewall working but complains from yast  I would like to look
at shorewall, but I have not gotten configs correct.

I have a Class C network and all machine I want visiable to the world are
one it.  I also have part of an other Class C that I share with others.
So I have a machine with three network cards as my router/firewall.  Here
is a diagram that shows network.  Most machines have two NIC's public and
private.

   Internet                                     Internet
   |                                            |
   | X.X.X.X Partial Class C                    | Download Dynamic IP
   | Y.Y.Y.Y Full Class C                       |__
   |                                               |
   |            System          System             |
   |            shared          shared             | DHCP IP
   |            storage         storage            |
---------       ---------       ---------       ---------
|       |       |       |       |       |       |       |
|       |---+   |       |       |       |       |       |
|   1   |   |P  |   2   |       |   3   |       |   4   |
|       |   |B  |       |       |       |       |       |
|       |   |   |       |       |       |       |       |
|       |   |I  |       |       |       |       |       |
---------   |P  ---------       ---------       ---------
   |        |     |               |                |
   |    --------- |               |                |
   |    | HUB/  |-----------------+----------------+----
   |    | Switch|  |              |                |   |
   |    ---------  |              |                |   |
   |               |              |             Other Systems
   | 192.168.x.x   |              |               Unix/Linux
   |               |              |
   | & MS Machines |                  |               MS Masquarded
----------      ---------       ---------       ---------
| HUB/   |-+    |       |       |       |       |       |
| Switch | |    |       |       |       |       |       |
---------- |    |  5    |       |   6   |       |   7   |...
           +----|       |       |       |       |       |
           |    |       |       |       |       |       |
           |    ---------       ---------       ---------
           +--------|---------------|---------------|



--
Boyd Gerber <gerberb@xxxxxxxxx>
ZENEZ   1042 East Fort Union #135, Midvale Utah  84047
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups