Mailinglist Archive: opensuse-security (343 mails)

Re: Firewall confusion
  • From: John Bland <shrike@xxxxxxxxxxxxx>
  • Date: Tue, 17 Jul 2001 21:08:29 +0100 (BST)
  • Message-id: <Pine.LNX.4.31.0107172103580.19549-100000@xxxxxxxxxxxxxxxxxxx>

> I'm aware that using non-routables would be easier and more secure but
> that would mean a complete overhaul of our setup and messing about with
> proxies.
> The problem is that this means the two NICs on the firewall are on the
> same subnet. There appears to be some problem with routing in this setup.
> I've not tried to do anything fancy just set up eth0 and eth1 as normal.

I am getting absolutely nowhere with this. I've searched high and low for
info on the routing on same subnet thing and it all boils down to arp and
route kludges. With these I can get internal hosts to see the external NIC
on the firewall but that's it and as soon as I turn on the firewall it all
stops dead.

Isn't there *any* HOWTO on doing this? Invisible firewalling like this
seems, on the face of it, a neat and simple drop in to an existing
network, but the routing is a nightmare.

I don't have direct access to the router or control over it.

Anyone out there done this for real and got it to work?!

JB (getting highly frustrated)

John Bland M.Phys (Hons) AMInstP / \ PhD Student & Sys Admin
Email: j.bland at / \ Condensed Matter Group / \ Liverpool University
"Hey, I wonder how much meat you get on a womble?" -- Eddie
