Jan, You could try IP aliasing, like so: Assuming eth0 is your ext interface and its ip is 1.2.4.5 and you want to bind to another ip on that range ie: 1.2.4.10 - you can do this: #ifconfig eth0 1.2.4.5 netmask <netmask> up #ifconfig eth0:1 1.2.4.10 netmask <netmask> up #ifconfig you should see two IP's bound to the same interface.. repeat if you want to do that internally. HTH, Nigel. On Wednesday 13 Feb 2002 11:48 am, you wrote: > I looked at the document, thanks! I am still not sure, if this will > solve my problem. How can I assign one network card 1.1.1.224-239 and > to the other 1.1.1.0-223 and 1.1.1.240-255 (two segments of the same > ip range)? > > jan > > > > > On Wed, 13 Feb 2002 17:31:29 +0530, "Dharmendra.T" > > <dharmu@nsecure.net> wrote: > >Hi Jan, > > > > http://www.linuxdoc.org/HOWTO/BRIDGE-STP-HOWTO/index.html > > > >This may help you. > > > >Dharmendra.T > >Linux Security Expert > >www.nsecure.net > > > >The content of this email message and any attachments are confidential and > >may be legally privileged, intended solely for the addressee. If you are > > not the intended recipient, be advised that any use, dissemination, > > distribution, or copying of this e-mail is strictly prohibited. If you > > receive this message in error, please notify the sender immediately by > > reply email and destroy the message and its attachments. > > > >On Wednesday 13 February 2002 04:00 pm, Jan Stifter wrote: > >> hello, > >> I have two questions regarding the configuration of network > >> interfaces: > >> > >> Question 1) > >> ----------- > >> > >> Provider > >> > >> | ext-IP > >> > >> +----+-----+ > >> > >> | ¦ dmz-IP > >> | fw +------- DMZ > >> > >> +----+-----+ > >> > >> | int-IP > >> > >> Intranet > >> > >> My Provider gives me an official address range 1.1.1.224-239. > >> I would like to use for the intranet the 192.168.x.y range. > >> > >> So I thought, that I would give the dmz-IP the address 1.1.1.224, the > >> int-IP 192.168.0.1. > >> > >> Can I use for the ext-IP also 1.1.1.224 and configure the firewall > >> somehow as a bridge? If yes, where do I find more information > >> regarding this issue (ifconfig, route commands, kernel configuration)? > >> If no, what other options do I have? > >> > >> Question 2) > >> ----------- > >> Assume that I would like to build a firewall inside of a larger > >> network: > >> > >> 1.1.1.0-255 (excluding .224 - .239) > >> > >> eth0| ext-IP > >> +----+-----+ > >> > >> | ¦ dmz-IP > >> | fw +------- DMZ: 1.1.1.224-239 > >> | > >> | |eth1 > >> > >> +----------+ > >> > >> So, outside, towards ext-IP, I have all IPs 1.1.1.0-255 excluding .224 > >> - .239, in the DMZ, I have IPs 1.1.1.224-239 > >> > >> From the point of network configuration, this should work, but I just > >> don't know how to set up the ifconfig and route commands in order to > >> be able to configure this correctly. > >> > >> Thanks for reading this! > >> Any hints are greatly appreciated > >> > >> Jan > >> > >> ------------------------------------------------------------------------ > >> To unsubscribe email security-discuss-request@linuxsecurity.com > >> with "unsubscribe" in the subject of the message. > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
