[ previous ] [ next ] [ threads ]
 From:  =?UTF-8?Q?Peter_Parni=C4=8Dan?= <peter at procad dot sk>
 To:  "Don Munyak" <don dot munyak at gmail dot com>, <JSimoneau at lmtcs dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] static route
 Date:  Wed, 23 Mar 2005 16:27:10 +0100
Yes you are both right, its strange i know but i need it because im trying to have 4 subnets behind
First working perfectly I can access m0n0 (webGui) without problem. But I want to use
more subnets ..10.0, ..100.0 etc. with one NIC (LAN).
I think it should be possible: because i found short description in advance setup ...look at Last
sentence (propably Manuel wrote it)::  
(Static route filtering:  This option only applies if you have defined one or more static routes. If
it is enabled, traffic that enters and leaves through the same interface will not be checked by the
firewall. This may be desirable in some situations where multiple subnets are connected to the same

And reason why? ...i had talk with some admin guys (ISP) and they told me this is easyst way how to
do "isolation mode" ..but only for not very experienced users... in my case more than 90% of current
users at the network. Its because I want control traffic speed between users... some of them are
naughty and and are copying big files over wifi access point (copy just between users, not
downloading from internet). Therefore as soon as they will be in different subnets all traffic will
pass m0n0 not only wirelles access ponit.

m0n0----wire----AP1 ::::::wirelless bridge:::::: AP2 :::::::::::: X wirelless users:: 


----- Original Message ----- 
From: "Don Munyak" <don dot munyak at gmail dot com>
To: "Peter ParniÄŤan" <peter at procad dot sk>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, March 23, 2005 3:54 PM
Subject: Re: [m0n0wall] static route

If the PC is on the LAN "wire" then the LAN interface needs to be in
the network address /24

I think what you are trying can't be done without assigning two IP
addresses to the LAN interface... and, and I don't
think m0n0wall can do that. I could be wrong though.

Is there some reason why you need the LAN interface setup as ?

If your going to keep the pc address as , I would
assign the m0n0wall LAN ip as

- Don

On Wed, 23 Mar 2005 15:01:45 +0100, Peter ParniÄŤan <peter at procad dot sk> wrote:
> Hi guys, i want ask if ill should be able to reach m0n0 ( if my IP
> is and m0n0 LAN is set to network.
> I have add a static route, gateway and Static route
> filtering: Bypass firewall rules for traffic on the same interface is
> anabled in ADVANCED setup.
> If is it OK why can't access m0n0?
> thx. Pet
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch