[ previous ] [ next ] [ threads ]
 
 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  =?UTF-8?Q?Peter_Parni=C4=8Dan?= <peter at procad dot sk>
 Cc:  JSimoneau at lmtcs dot com, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] static route
 Date:  Wed, 23 Mar 2005 11:13:42 -0500 
Couldn't you just install multiple NIC's (more than 3)with a static
route between networks and apply traffic filtering rules for a given
network ?

- Don


On Wed, 23 Mar 2005 16:27:10 +0100, Peter ParniÄŤan <peter at procad dot sk> wrote:
>  
> Yes you are both right, its strange i know but i need it because im trying
> to have 4 subnets behind m0n0. 
> First 1.1.1.0/24 working perfectly I can access m0n0 (webGui) without
> problem. But I want to use more subnets ..10.0, ..100.0 etc. with one NIC
> (LAN). 
> I think it should be possible: because i found short description in advance
> setup ...look at Last sentence (propably Manuel wrote it)::  
> (Static route filtering:  This option only applies if you have defined one
> or more static routes. If it is enabled, traffic that enters and leaves
> through the same interface will not be checked by the firewall. This may be
> desirable in some situations where multiple subnets are connected to the
> same interface.) 
>   
> And reason why? ...i had talk with some admin guys (ISP) and they told me
> this is easyst way how to do "isolation mode" ..but only for not very
> experienced users... in my case more than 90% of current users at the
> network. Its because I want control traffic speed between users... some of
> them are naughty and and are copying big files over wifi access point (copy
> just between users, not downloading from internet). Therefore as soon as
> they will be in different subnets all traffic will pass m0n0 not only
> wirelles access ponit. 
>   
> example: 
> m0n0----wire----AP1 ::::::wirelless bridge:::::: AP2 :::::::::::: X
> wirelless users:: 
>   
> pet
>  
>   
>   
> ----- Original Message ----- 
> From: "Don Munyak" <don dot munyak at gmail dot com> 
> To: "Peter ParniÄŤan" <peter at procad dot sk> 
> Cc: <m0n0wall at lists dot m0n0 dot ch> 
> Sent: Wednesday, March 23, 2005 3:54 PM 
> Subject: Re: [m0n0wall] static route 
> 
> If the PC is on the LAN "wire" then the LAN interface needs to be in
> the network address 192.168.10.0 /24
> 
> I think what you are trying can't be done without assigning two IP
> addresses to the LAN interface...1.1.1.1 and 192.168.10.1, and I don't
> think m0n0wall can do that. I could be wrong though.
> 
> Is there some reason why you need the LAN interface setup as 1.1.1.1 ?
> 
> If your going to keep the pc address as 192.168.10.8/24 , I would
> assign the m0n0wall LAN ip as 192.168.10.1/24
> 
> - Don
> 
> 
> On Wed, 23 Mar 2005 15:01:45 +0100, Peter ParniÄŤan <peter at procad dot sk> wrote:
> > Hi guys, i want ask if ill should be able to reach m0n0 (1.1.1.1) if my IP
> > is 192.168.10.8 and m0n0 LAN is set to 1.1.1.0/24 network.
> > I have add a static route 192.168.10.0/24, gateway 1.1.1.1 and Static
> route
> > filtering: Bypass firewall rules for traffic on the same interface is
> > anabled in ADVANCED setup.
> > 
> > If is it OK why can't access m0n0?
> > 
> > thx. Pet
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> >