Re: IP ranges with linux firewalls?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wednesday 13 February 2002 05:18 pm, Jan Stifter wrote:

#ifconfig eth0 1.1.1.224
#ifconfig eth0:0 1.1.1.223
(aliasing the network card) 
Is this you were looking into?


> I looked at the document, thanks! I am still not sure, if this will
> solve my problem. How can I assign one network card 1.1.1.224-239 and
> to the other 1.1.1.0-223 and 1.1.1.240-255 (two segments of the same
> ip range)?
>
> jan
>
>
>
>
> On Wed, 13 Feb 2002 17:31:29 +0530, "Dharmendra.T"
>
> <dharmu@nsecure.net> wrote:
> >Hi Jan,
> >
> >   http://www.linuxdoc.org/HOWTO/BRIDGE-STP-HOWTO/index.html
> >
> >This may help you.
> >
> >Dharmendra.T
> >Linux Security Expert
> >www.nsecure.net
> >
> >The content of this email message and any attachments are confidential and
> >may be legally privileged, intended solely for the addressee.  If you are
> > not the intended recipient, be advised that any use, dissemination,
> > distribution, or copying of this e-mail is strictly prohibited.  If you
> > receive this message in error, please notify the sender immediately by
> > reply email and destroy the message and its attachments.
> >
> >On Wednesday 13 February 2002 04:00 pm, Jan Stifter wrote:
> >> hello,
> >> I have two questions regarding the configuration of network
> >> interfaces:
> >>
> >> Question 1)
> >> -----------
> >>
> >>    Provider
> >>
> >>       | ext-IP
> >>
> >>  +----+-----+
> >>
> >>  |          ¦ dmz-IP
> >>  |   fw     +------- DMZ
> >>
> >>  +----+-----+
> >>
> >>       | int-IP
> >>
> >>     Intranet
> >>
> >> My Provider gives me an official address range 1.1.1.224-239.
> >> I would like to use for the intranet the 192.168.x.y range.
> >>
> >> So I thought, that I would give the dmz-IP the address 1.1.1.224, the
> >> int-IP 192.168.0.1.
> >>
> >> Can I use for the ext-IP also 1.1.1.224 and configure the firewall
> >> somehow as a bridge? If yes, where do I find more information
> >> regarding this issue (ifconfig, route commands, kernel configuration)?
> >> If no, what other options do I have?
> >>
> >> Question 2)
> >> -----------
> >> Assume that I would like to build a firewall inside of a larger
> >> network:
> >>
> >>    1.1.1.0-255 (excluding .224 - .239)
> >>
> >>   eth0| ext-IP
> >>  +----+-----+
> >>
> >>  |          ¦ dmz-IP
> >>  |   fw     +------- DMZ: 1.1.1.224-239
> >>  |
> >>  |          |eth1
> >>
> >>  +----------+
> >>
> >> So, outside, towards ext-IP, I have all IPs 1.1.1.0-255 excluding .224
> >> - .239, in the DMZ, I have IPs 1.1.1.224-239
> >>
> >> From the point of network configuration, this should work, but I just
> >> don't know how to set up the ifconfig and route commands in order to
> >> be able to configure this correctly.
> >>
> >> Thanks for reading this!
> >> Any hints are greatly appreciated
> >>
> >> Jan
> >>
> >> ------------------------------------------------------------------------
> >>      To unsubscribe email security-discuss-request@linuxsecurity.com
> >>          with "unsubscribe" in the subject of the message.
>
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.

-- 
Dharmendra.T
Linux Security Expert
www.nsecure.net

The content of this email message and any attachments are confidential and 
may be legally privileged, intended solely for the addressee.  If you are not 
the intended recipient, be advised that any use, dissemination, distribution, 
or copying of this e-mail is strictly prohibited.  If you receive this 
message in error, please notify the sender immediately by reply email and 
destroy the message and its attachments.
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux