|
||||||||||
Frank Richter wrote: >> I'm using a i386 machine with 5 interfaces! >> >> Lan: 192.168.11.11 (administration only) >> Wan: public IP >> Opt1: no ip (bridged with Wan) >> Opt2: dummy IP (192.168.111.111/31) >> Opt3: no ip (bridged with Opt2 >> >> "Enable filtering Bridge" is checked. >> >> The firewall-rules on interfaces Wan/Opt1 working perfect!! >> >> The rules on interface Opt3 working perfect! >> >> > > i have found this in config.xml > # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses) > block in log quick on em2 from ! 192.168.1.0/24 to any > block in log quick on bge0 from ! 192.168.111.110/31 to any > > - -opt2=bge0- - > > Thank you very much > >> But it's not possible to get the rules working on Opt2???? >> I've tried Version 1.22 and 1.21! >> >> I'm carefully followed instructions in: >> http://doc.m0n0.ch/handbook/examples-filtered-bridge.html >> >> And the hint with the "dummy IP" from the mailinglist in February! >> >> So is this a bug or "bad thinking" >> After adding "static routes" for the network on "opt2" everything is working fine now! Before using m0n0wall we have used "freebsd and ipfw2" and bridging/firewall was no problem with 2x2 NICs. Possibly I missunderstood the configuration steps with m0n0wall. Hope this will help someone! Thank you very much, specially the one in sweden. >> Thank you very much for helping. >> >> Greetings >> >> >> -- >> --------------------------------------------------- >> Frank Richter >> Max-Planck-Institut für Astronomie >> Königstuhl 17 >> D-69117 Heidelberg >> mailto:richter at mpia dash hd dot mpg dot de >> phone: +49 6221 528267 >> --------------------------------------------------- >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >> >> >> > > > |