I looked at the document, thanks! I am still not sure, if this will solve my problem. How can I assign one network card 1.1.1.224-239 and to the other 1.1.1.0-223 and 1.1.1.240-255 (two segments of the same ip range)? jan On Wed, 13 Feb 2002 17:31:29 +0530, "Dharmendra.T" <dharmu@nsecure.net> wrote: >Hi Jan, > > http://www.linuxdoc.org/HOWTO/BRIDGE-STP-HOWTO/index.html > >This may help you. > >Dharmendra.T >Linux Security Expert >www.nsecure.net > >The content of this email message and any attachments are confidential and >may be legally privileged, intended solely for the addressee. If you are not >the intended recipient, be advised that any use, dissemination, distribution, >or copying of this e-mail is strictly prohibited. If you receive this >message in error, please notify the sender immediately by reply email and >destroy the message and its attachments. > >On Wednesday 13 February 2002 04:00 pm, Jan Stifter wrote: >> hello, >> I have two questions regarding the configuration of network >> interfaces: >> >> Question 1) >> ----------- >> >> Provider >> >> | ext-IP >> >> +----+-----+ >> >> | ¦ dmz-IP >> | fw +------- DMZ >> >> +----+-----+ >> >> | int-IP >> >> Intranet >> >> My Provider gives me an official address range 1.1.1.224-239. >> I would like to use for the intranet the 192.168.x.y range. >> >> So I thought, that I would give the dmz-IP the address 1.1.1.224, the >> int-IP 192.168.0.1. >> >> Can I use for the ext-IP also 1.1.1.224 and configure the firewall >> somehow as a bridge? If yes, where do I find more information >> regarding this issue (ifconfig, route commands, kernel configuration)? >> If no, what other options do I have? >> >> Question 2) >> ----------- >> Assume that I would like to build a firewall inside of a larger >> network: >> >> 1.1.1.0-255 (excluding .224 - .239) >> >> eth0| ext-IP >> +----+-----+ >> >> | ¦ dmz-IP >> | fw +------- DMZ: 1.1.1.224-239 >> | >> | |eth1 >> >> +----------+ >> >> So, outside, towards ext-IP, I have all IPs 1.1.1.0-255 excluding .224 >> - .239, in the DMZ, I have IPs 1.1.1.224-239 >> >> From the point of network configuration, this should work, but I just >> don't know how to set up the ifconfig and route commands in order to >> be able to configure this correctly. >> >> Thanks for reading this! >> Any hints are greatly appreciated >> >> Jan >> >> ------------------------------------------------------------------------ >> To unsubscribe email security-discuss-request@linuxsecurity.com >> with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
