|
||||||||||
Chris, On a side note, is it possible to use one ethernet card and VLANs with m0n0wall? m0n0wall doesn't accept any configuration with less than 2 cards right? I mean it is logical (albeit inefficient and probably dumb) to route through the logical interfaces with a managed switch with the trunk attached to just that one physical interface... /sylikc On 10/19/05, Chris Buechler <cbuechler at gmail dot com> wrote: > > On 10/19/05, TAYLAN KIRAN <tkiran at ku dot edu dot tr> wrote: > > > > think that the ip address of lan core switch router is 10.0.0.1<http://10.0.0.1> > > ip address of linux firewall is 10.0.0.2 <http://10.0.0.2> > > ip address of inner interface of wan router is 10.0.0.3<http://10.0.0.3> > > so you're trying to filter traffic between those 3 hosts? Unless you > can make all that traffic pass through m0n0wall somehow (with two > interfaces), you can't do that. You can use it as a transparent > firewall, but as with any transparent firewall, you must have two > interfaces and the traffic must all be required to pass through it. > With everything on the same broadcast domain, it's not likely you'll > be able to do so. > > You can't just plug in a 10.0.0.4 <http://10.0.0.4> firewall in this > situation and > expect it to block traffic. Traffic must pass *through* a firewall to > be blocked. > > -Chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |