Separate routing tables.... and you can make routing decisions based on DMZs network segments.... or firewall marks, so that packets that come from segment X use a routing table that has route Y as its default GW. ;-)

That would do.

On 10/31/05, Bradley Alexander <storm@xxxxxxx> wrote:
> I am trying to build a firewall and from my reading of the list archives and
> other places, I'm worried about unintended interactions between iptables and
> iproute2. Here is my situation
>
> I have an internal network on eth0 and two separate dmzs on eth1 and eth2
> respectively (a wireless network and a kiosk). On the outbound side, I have a
> cablemodem provider and a dsl provider. What I need is to set up routing such
> that the internal network goes out on the dsl, while the dmzs go out on the
> cablemodem.
>
> What would be the best approach to this configuration? Will there be any
> unforeseen interactions between iproute and iptables?
>
> Thanks,
> --
> --Brad
> ========================================================================
> Bradley M. Alexander                        |
> IA Analyst, SysAdmin, Security Engineer     | storm [at] tux.org
> ========================================================================
> Key fingerprints:
> DSA 0x54434E65: 37F6 BCA6 621D 920C E02E E3C8 73B2 C019 5443 4E65
> RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A C8 9C F0 93 75 A0 01 34
> ========================================================================
> Why do they put Braille dots on the keypad of the drive-up ATM?
>
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
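
The approach suggested in the reply above, written out as an added example that is not part of the original thread: one routing table per uplink, selected either by source segment or by firewall mark (set `MODE=fwmark`). Only eth0, eth1 and eth2 come from the thread; the subnets, gateway addresses, uplink interface names, table numbers, mark value and the `run`/`policy_routing` helpers are assumptions.

```shell
#!/bin/sh
# Added example. Subnets, gateways, uplink interface names, table numbers and
# the mark value are assumptions; only eth0/eth1/eth2 come from the thread.
LAN_NET=192.168.0.0/24               # internal network on eth0
DMZ_WIFI_NET=192.168.1.0/24          # wireless DMZ on eth1
DMZ_KIOSK_NET=192.168.2.0/24         # kiosk DMZ on eth2
DSL_IF=ppp0;   DSL_GW=198.51.100.1   # DSL uplink (documentation address)
CABLE_IF=eth3; CABLE_GW=203.0.113.1  # cable modem uplink (documentation address)
T_DSL=100; T_CABLE=200               # one routing table per uplink
MARK_CABLE=0x2                       # firewall mark meaning "leave via cable"

# Dry run by default: print each command. APPLY=1 executes them (needs root).
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

policy_routing() {
    # Each table holds only a default route through its own uplink.
    run ip route add default via "$DSL_GW" dev "$DSL_IF" table "$T_DSL"
    run ip route add default via "$CABLE_GW" dev "$CABLE_IF" table "$T_CABLE"
    # Traffic between local segments must be resolved in the main table; without
    # these rules it would be sent out an uplink instead of to the local segment.
    for net in "$LAN_NET" "$DMZ_WIFI_NET" "$DMZ_KIOSK_NET"; do
        run ip rule add to "$net" lookup main priority 500
    done
    # The internal network leaves via DSL.
    run ip rule add from "$LAN_NET" lookup "$T_DSL" priority 1000
    if [ "${MODE:-source}" = fwmark ]; then
        # Mark in mangle/PREROUTING, which runs before the routing decision.
        for dmz_if in eth1 eth2; do
            run iptables -t mangle -A PREROUTING -i "$dmz_if" -j MARK --set-mark "$MARK_CABLE"
        done
        run ip rule add fwmark "$MARK_CABLE" lookup "$T_CABLE" priority 1010
    else
        for net in "$DMZ_WIFI_NET" "$DMZ_KIOSK_NET"; do
            run ip rule add from "$net" lookup "$T_CABLE" priority 1010
        done
    fi
    # Source NAT happens in POSTROUTING, after the route is chosen, so the
    # "from" rules above still see the original private source address.
    for wan_if in "$DSL_IF" "$CABLE_IF"; do
        run iptables -t nat -A POSTROUTING -o "$wan_if" -j MASQUERADE
    done
    # Backstop in the filter table: a DMZ never forwards out the DSL uplink,
    # even if a routing rule is later changed or flushed.
    for dmz_if in eth1 eth2; do
        run iptables -A FORWARD -i "$dmz_if" -o "$DSL_IF" -j DROP
    done
}

policy_routing
```

After applying with `APPLY=1`, `ip rule show` and `ip route show table 200` confirm which table each segment resolves through.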