[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] SuSEfirewall2 not routing when both nics on

Hi *,

Brett Stevens wrote:

Simply set up a rfc 1918 address range (192.168.1.* ) and mask it or use a
second one on the other nic. This is not only best practice it is far
simpler to configure for a new user.
 eth0 (
  FireWall---eth1 (
       Webserver (

I think Brett ist right, i misread your config. Somehow i saw 3 interfaces in your config. Putting a rfc1918 subnet behind eth1 and masquerading / portforwarding traffic would be a solution.

Proxy arp only makes sense in your setting for example: if you are in, lets say, a class c network and got no central firewall. If you want to secure computers with various IP-Adresses (not a subnet) and have no possibility to put a central firewall in front of the network, then a proxy arp firewall could be used to split off those hosts and put them in a dmz. But Brett is right, thats kind of an advanced setting.

Perhaps you could provide us with more details (why you want the setup you described: no masquerading etc.)?


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here