Hi all!! Sorry to step in here (without being asked -- hehe!) IMHO we miss the point ?-( ALL answers are correct [more or less -- no flames!], but doesn't answer his question! Florian Pressler wrote:
Hi!
In RFC1918, I found this:
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets. 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
I decides to assign the following IPs to the hosts in my LAN: 172.20.30.40/29, i.e 172.20.30.41 - 172.20.30.46.
IMHO good (/acceptable) decision ;-)
When I start SuSEfirewall2, there appears an errormessage: The network 172.20.30.40/29 you want to masquerade is not from a private network. Change this!
Is this an error of SuSEfirwall2, or do I misunderstand something completely?
If I read Florian's posting right, it's not the question if/if not take these address and/or if it's 'free address space' nor it's a CIDR/other routing problem! (Maybe I'm wrong!?!) Said this, for me the question/answer is quite interesting: --> WHY does SuSEfirewall2 assume, that THIS ADDRESS isn't from a private network??? My apologies for I didn't use SuSEfirewall2 at the moment, maybe Florian has to give more informations, maybe the answer could only be given by the 'firewall-gurus' or the author of the script -- but I'm really wondering why this errormessage appears! Any explanation _greatly_ appreciated! -- best greetings from Solingen /GERMANY Dieter Hürten