Re: Conntrack not recording packets going through a firewall

Well, whatever. Routing, schmoting. If I turn off IPTables, everything
can see everything else fine.

2009/1/21 Mike Wright <mike.wright@xxxxxxxxxxxxxx>:
> David J Craigon wrote:
>>
>> Think I might have misunderstood your email. What I want to happen is
>> for all traffic to go through the firewall. Customer 1 and Customer 5
>> are on separate VLANs. I want Customer 5 to be able to access Customer
>> 1's server as if it was any other host on the internet.
>>
>> Does that make more sense?
>>
>> 2009/1/21 David J Craigon <david@xxxxxxxxxxxxx>:
>>
>>> No, the routing is definitely working 8-). Otherwise how could all
>>> traffic go from the internet to these servers? They have no other
>>> internet connection than through the firewall.
>
> Not too sure about VLANs but I have a 3-legged firewall/router with discrete
> network cards.
>
> I just removed the route to my DMZ and now I can't reach it. Hosts on my
> DMZ can still see my LAN and the internet because 1) net is on default route
> and 2) route to LAN still exists.
>
> Ping a DMZ host from a LAN host and I see 100% packet loss.
>
> I re-added the route:  ip route add DMZ/24 dev eth1
>
> Voilà, ping starts to work.
>
> :m)
>