On 11/19/10 3:32 AM, Stephen Brown wrote: > I've just ordered a Comcast business class connection with 5 static IP > addresses. > > Reading over the aliased interfaces documentation, I'm not real clear on > what to do with /etc/shorewall/interfaces (if anything).
/etc/shorewall/interfaces is independent of the number of IP addresses
on the interface. I have Comcast business class with 5 static IPs, three
of which are configured on my external interface:
gateway:~# ip -4 addr ls dev eth1
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc tbf state
UNKNOWN qlen 1000
inet 70.90.191.121/29 brd 70.90.191.127 scope global eth1
inet 10.1.10.11/24 brd 10.1.10.255 scope global eth1:3
inet 70.90.191.122/29 brd 70.90.191.127 scope global secondary eth1:1
inet 70.90.191.123/29 brd 70.90.191.127 scope global secondary eth1:2
inet 70.90.191.124/29 brd 70.90.191.127 scope global secondary eth1
inet 70.90.191.125/29 brd 70.90.191.127 scope global secondary eth1
gateway:~#
My Comcast business class router is configured with it's LAN interface
as 10.1.10.0/24 (the default), so 10.1.10.11 is the primary address. The
top three public IP addresses are statically configured while the last
two are added when their corresponding Linux-vservers are started.
This the /etc/shorewall/interfaces entry for my external interface:
net COM_IF detect \
dhcp,optional,routefilter=0,logmartians,proxyarp=0,physical=$COM_IF,nosmurfs,upnp
Where /etc/shorewall/params contains:
COM_IF=eth1
-Tom
------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today
http://p.sf.net/sfu/msIE9-sfdev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today http://p.sf.net/sfu/msIE9-sfdev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
