 From:  "David Burgess" <apt dot get at gmail dot com>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Fwd: [m0n0wall] ethernet frame routing
 Date:  Sat, 20 Oct 2007 09:05:32 -0600
Sorry, this reply was meant for the list. Darn reply defaults.

---------- Forwarded message ----------
From: David Burgess <apt dot get at gmail dot com>
Date: Oct 20, 2007 9:05 AM
Subject: Re: [m0n0wall] ethernet frame routing
To: Sebastian Böhm <seb at exse dot net>

On 10/20/07, Sebastian Böhm <seb at exse dot net> wrote:
> Hi,
> I want to install a new firewall and someone suggested that I use
> m0n0wall with a soekris board.
> I have one question regarding features:
> Under Linux I do this:
> /sbin/ebtables -t broute -A BROUTING -p IPv4 -i eth1 --ip-dst x.y.z.0/28 -j redirect
> /sbin/ebtables -t broute -A BROUTING -p IPv4 -i eth1 --ip-dst x.y.z.80/28 -j redirect
> Those two nets (x.y.z.0/28 and x.y.z.80/28) sit on the same interface
> (eth1), and have their default route at .1 and .81.
> To prevent traffic from one of those two nets targeted to the other
> from leaving the firewall via eth0 (to those default routers), the above
> ebtables rules shortcut that inside the firewall.
> Can I do this with m0n0wall?
> Thanks and Kind Regards,
> Sebastian

I'm not sure I completely understand the question, but I'm going to take a
stab at it here.

It looks to me like you want two subnets on your LAN interface: x.y.z.0/28
and x.y.z.80/28. You can do this with monowall and then create firewall
rules to govern traffic between the two subnets. Some people on the list who
are more knowledgeable and experienced about it than I will advise against
doing this; however, it is technically possible.