|
||||||||
I tried for quite some time to define OPT1 to allow me access to wireless network from my LAN, but not to allow OPT1 to access my WAN (internet pppoe). I had no luck. Seems that m0n0 just isn't setup to allow packets between LAN and OPT interfaces. I can ping OPT interface from within m0n0 box, but not from LAN. There are few tutorials that explain how to setup OPT->WAN, but not LAN->OPT. Anyway, my LAN is 192.168.192.0/24, and OPT is 192.168.0.0/24 . By default, m0n0 creates these ipnat rules: map ng0 192.168.192.0/24 -> 0/32 proxy port ftp ftp/tcp map ng0 192.168.192.0/24 -> 0/32 portmap tcp/udp auto map ng0 192.168.192.0/24 -> 0/32 map ng0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp map ng0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto map ng0 192.168.0.0/24 -> 0/32 as you can see, it performs NAT from LAN to WAN, and performs NAT from OPT1 (my sis1 interface) to WAN. This is NOT what I want. I want this: map ng0 192.168.192.0/24 -> 0/32 proxy port ftp ftp/tcp map ng0 192.168.192.0/24 -> 0/32 portmap tcp/udp auto map ng0 192.168.192.0/24 -> 0/32 map sis1 192.168.192.0/24 -> 0/32 proxy port ftp ftp/tcp map sis1 192.168.192.0/24 -> 0/32 portmap tcp/udp auto map sis1 192.168.192.0/24 -> 0/32 I can change m0n0's source so that this is called automatically for me each time I make some update. But.. I'm curious - can I set this with current m0n0's web interface, using default installation? Thanks, Kreso Kresimir Petric (kreso at weonlydo dot com) WeOnlyDo! Software - Internet Security Components -----==> http://www.weonlydo.com <==----- |