 
 From:  sylikc <sylikc at gmail dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] one ethernet card
 Date:  Wed, 19 Oct 2005 11:25:14 -0700
Chris,
On a side note, is it possible to use one Ethernet card and VLANs with
m0n0wall? m0n0wall doesn't accept any configuration with less than 2 cards,
right? I mean it is logical (albeit inefficient and probably dumb) to route
through the logical interfaces with a managed switch with the trunk attached
to just that one physical interface...
  /sylikc
 On 10/19/05, Chris Buechler <cbuechler at gmail dot com> wrote:
>
> On 10/19/05, TAYLAN KIRAN <tkiran at ku dot edu dot tr> wrote:
> >
> > think that the ip address of lan core switch router is 10.0.0.1
> > ip address of linux firewall is 10.0.0.2
> > ip address of inner interface of wan router is 10.0.0.3
>
> So you're trying to filter traffic between those 3 hosts? Unless you
> can make all that traffic pass through m0n0wall somehow (with two
> interfaces), you can't do that. You can use it as a transparent
> firewall, but as with any transparent firewall, you must have two
> interfaces and the traffic must all be required to pass through it.
> With everything on the same broadcast domain, it's not likely you'll
> be able to do so.
>
> You can't just plug in a 10.0.0.4 firewall in this situation and
> expect it to block traffic. Traffic must pass *through* a firewall to
> be blocked.
>
> -Chris
>