Hi Jan, http://www.linuxdoc.org/HOWTO/BRIDGE-STP-HOWTO/index.html This may help you. Dharmendra.T Linux Security Expert www.nsecure.net The content of this email message and any attachments are confidential and may be legally privileged, intended solely for the addressee. If you are not the intended recipient, be advised that any use, dissemination, distribution, or copying of this e-mail is strictly prohibited. If you receive this message in error, please notify the sender immediately by reply email and destroy the message and its attachments. On Wednesday 13 February 2002 04:00 pm, Jan Stifter wrote: > hello, > I have two questions regarding the configuration of network > interfaces: > > Question 1) > ----------- > > Provider > > | ext-IP > > +----+-----+ > > | ¦ dmz-IP > | fw +------- DMZ > > +----+-----+ > > | int-IP > > Intranet > > My Provider gives me an official address range 1.1.1.224-239. > I would like to use for the intranet the 192.168.x.y range. > > So I thought, that I would give the dmz-IP the address 1.1.1.224, the > int-IP 192.168.0.1. > > Can I use for the ext-IP also 1.1.1.224 and configure the firewall > somehow as a bridge? If yes, where do I find more information > regarding this issue (ifconfig, route commands, kernel configuration)? > If no, what other options do I have? > > Question 2) > ----------- > Assume that I would like to build a firewall inside of a larger > network: > > 1.1.1.0-255 (excluding .224 - .239) > > eth0| ext-IP > +----+-----+ > > | ¦ dmz-IP > | fw +------- DMZ: 1.1.1.224-239 > | > | |eth1 > > +----------+ > > So, outside, towards ext-IP, I have all IPs 1.1.1.0-255 excluding .224 > - .239, in the DMZ, I have IPs 1.1.1.224-239 > > From the point of network configuration, this should work, but I just > don't know how to set up the ifconfig and route commands in order to > be able to configure this correctly. > > Thanks for reading this! > Any hints are greatly appreciated > > Jan > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. -- ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
