> If I have one interface connected to internet with a public address on
> eth0
> and one interface (eth1) for internal private (192.168.1.1) use and I
> add one more interface (eth2) also with a private address (10.1.1.1).
> All traffic to internet gets the external (eth0) interface
> address, right?
>
> But if I route all traffic from 192.168.x.x to 10.x.x.x via eth2,
> what address do I get?
> Is it possible to masq this, so I get the eth2 address?

It's absolutely possible to have more than one private segment. I run a
firewall here that has *four* NICs in it...one for the public Internet,
and three "private" segments.

Here's an example of the rules you'd need to get your setup to work:

# Set your default policy
ipfwadm -F -p deny
# Allow free traffic between your two private nets
ipfwadm -F -a accept -S 192.168.0.0/16 -D 10.0.0.0/8
ipfwadm -F -a accept -S 10.0.0.0/8 -D 192.168.0.0/16
# Masquerade anything going out on the Internet
ipfwadm -F -a accept -m -S 192.168.0.0/16
ipfwadm -F -a accept -m -S 10.0.0.0/8

You would configure your routing table just as with any standard non-masq
setup.

Good Luck!

|Frederick F. Gleason, Jr.|WAVA Radio - 105 FM |Voice: 1-(703)-807-2266 |
| Chief Engineer |1901 N. Moore Street| FAX: 1-(703)-807-2248 |
| |Arlington, VA 22209 | Web: HTTP://www.wava.com|
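
Added example, not part of the original message: a small Python model of the forward rules above, showing which source address each destination sees and why the plain accept rules must precede the masquerade rules. It assumes ordered first-match rule evaluation and that masquerading rewrites the source to the outgoing interface's address; the routing table and the 203.0.113.1 public address are constructed placeholders.

```python
import ipaddress

# Constructed routing table: (destination net, address of outgoing interface).
# The eth1/eth2 addresses come from the question; 203.0.113.1 is a
# placeholder for the public eth0 address.
ROUTES = [
    ("192.168.0.0/16", "192.168.1.1"),  # eth1
    ("10.0.0.0/8", "10.1.1.1"),         # eth2
    ("0.0.0.0/0", "203.0.113.1"),       # eth0, default route
]

# Forward rules in the order the reply appends them: (masquerade?, src, dst).
REPLY_RULES = [
    (False, "192.168.0.0/16", "10.0.0.0/8"),
    (False, "10.0.0.0/8", "192.168.0.0/16"),
    (True, "192.168.0.0/16", "0.0.0.0/0"),
    (True, "10.0.0.0/8", "0.0.0.0/0"),
]
# Same rules with the masquerade pair moved to the front (hypothetical order).
MASQ_FIRST = REPLY_RULES[2:] + REPLY_RULES[:2]


def in_net(addr, net):
    """True if addr falls inside the CIDR network net."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net)


def out_addr(dst):
    """Address of the interface the packet leaves on (first matching route)."""
    return next(a for net, a in ROUTES if in_net(dst, net))


def forward(src, dst, rules):
    """Return the source address the destination sees, or None if denied."""
    for masq, snet, dnet in rules:
        if in_net(src, snet) and in_net(dst, dnet):
            # Masqueraded packets take the outgoing interface's address;
            # plainly accepted packets keep their original source.
            return out_addr(dst) if masq else src
    return None  # no rule matched: default policy is deny


if __name__ == "__main__":
    for name, rules in (("reply order", REPLY_RULES), ("masq first", MASQ_FIRST)):
        for dst in ("10.1.1.20", "198.51.100.7"):
            print(name, "192.168.1.50 ->", dst, "seen as",
                  forward("192.168.1.50", dst, rules))
```

With the reply's ordering, traffic between the two private nets keeps its real source address; only in the reordered list does the 10.x.x.x side see the eth2 address.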