On 10/19/05, TAYLAN KIRAN <tkiran at ku dot edu dot tr> wrote:
>
> think that the ip address of lan core switch router is 10.0.0.1
> ip address of linux firewall is 10.0.0.2
> ip address of inner interface of wan router is 10.0.0.3

So you're trying to filter traffic between those 3 hosts? Unless you
can make all that traffic pass through m0n0wall somehow (with two
interfaces), you can't do that. You can use it as a transparent
firewall, but as with any transparent firewall, you must have two
interfaces and the traffic must all be required to pass through it.
With everything on the same broadcast domain, it's not likely you'll
be able to do so.
You can't just plug in a 10.0.0.4 firewall in this situation and
expect it to block traffic. Traffic must pass *through* a firewall to
be blocked.
-Chris