On Tue, 18 Nov 2003 07:35:53 +0800
"Joe Morris (NTM)"
On 11/17/2003 10:56 PM, Yuriy Chumak wrote:
On Sat, 15 Nov 2003 00:49:39 +0800 "Joe Morris (NTM)"
wrote: FW_DEV_INT= "ppp0" (add this to your internal NIC)
"ppp0" can present in FW_DEV_INT and FW_DEV_WORLD at same time (now I have FW_DEV_WORLD="ppp0")?
What version do you have? I have never seen that variable. I would assume FW_DEV_WORLD would be the equivilant to FW_DEV_EXT, or the external interface. Do you connect to the internet via ppp0? And you also have people calling in on the same line? If that is your situation, I really don't know how to set up that situation. Sounds like a routing headache.
I have SuSE 7.3, it is a dial-in server FW_DEV_WORLD="ppp0 ppp1" - external interfaces FW_DEV_INT="eth0" - internal interface ppp0->+-----+ +---+ | SuSE|---eth0---->|HUB|->MAIL_SERVER, APP_SERVER, ... | 7.3 | +---+ ppp1->+-----+ ---- -> http://torg.alkar.net -> Nokia 6610 - $30 -> Nokia 3310 - $7 -> SDRAM 256 Mb - $5 -> http://torg.alkar.net
* Yuriy Chumak;
interface. Do you connect to the internet via ppp0? And you also have people calling in on the same line? If that is your situation, I really don't know how to set up that situation. Sounds like a routing headache.
I have SuSE 7.3, it is a dial-in server
FW_DEV_WORLD="ppp0 ppp1" - external interfaces FW_DEV_INT="eth0" - internal interface
ppp0->+-----+ +---+ | SuSE|---eth0---->|HUB|->MAIL_SERVER, APP_SERVER, ... | 7.3 | +---+ ppp1->+-----+ ----
if you use ppp1 interface for the the dial-in I would consider it placing on the FW_DEV_DMZ and then allow the FW_SERVICES_DMZ_* accordingly -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
On Tue, 18 Nov 2003 12:08:05 +0100
Togan Muftuoglu
* Yuriy Chumak;
on 18 Nov, 2003 wrote: interface. Do you connect to the internet via ppp0? And you also have people calling in on the same line? If that is your situation, I really don't know how to set up that situation. Sounds like a routing headache.
I have SuSE 7.3, it is a dial-in server
FW_DEV_WORLD="ppp0 ppp1" - external interfaces FW_DEV_INT="eth0" - internal interface
ppp0->+-----+ +---+ | SuSE|---eth0---->|HUB|->MAIL_SERVER, APP_SERVER, ... | 7.3 | +---+ ppp1->+-----+ ----
if you use ppp1 interface for the the dial-in I would consider it placing on the FW_DEV_DMZ and then allow the FW_SERVICES_DMZ_* accordingly
I use FW_DEV_WORLD="ppp0 ppp1" because they are servised external clients calls. ---- -> http://torg.alkar.net -> Nokia 6610 - $30 -> Nokia 3310 - $7 -> SDRAM 256 Mb - $5 -> http://torg.alkar.net
On 11/18/2003 10:56 PM, Yuriy Chumak wrote:
I use FW_DEV_WORLD="ppp0 ppp1" because they are servised external clients calls.
It doesn't mean externally to your location, but to your LAN. I assume you assign them a local address when they callin, so they would be a part of your int network. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace of God, I am what I am.
* Joe Morris (NTM);
On 11/18/2003 10:56 PM, Yuriy Chumak wrote:
I use FW_DEV_WORLD="ppp0 ppp1" because they are servised external clients calls.
It doesn't mean externally to your location, but to your LAN. I assume you assign them a local address when they callin, so they would be a part of your int network.
Well explained so either DMZ or INT will be an option and I am still for DMZ -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
participants (3)
-
Joe Morris (NTM)
-
Togan Muftuoglu
-
Yuriy Chumak