I too am trying to set up Shorewall as a firewall box.
And I ran into some peculiar problems that are related to shorewall
and not related to shorewall.

Right now I'm trying to get the firewall interfaces to come up on the
same network.  So eth0 and eth1 are both on 192.168.1.0/24 with eth1
being DHCP and eth0 being static (eth0 will be my LAN and eth1 will be
my internet).

First, if I run ifup -a I get an odd route table with eth1 having no gateway.
192.168.1.0/24 .. U    eth1
192.168.1.0/24 .. U    eth0
0.0.0.0 ..              UG eth0

and with that I get a number of martian packet errors from the LAN
DHCP server (192.168.1.1) on eth1 (which is static to 192.168.1.100
and outside of the DHCP configuration range of 192.168.1.200 to
192.168.1.249).

If I specify the order in /etc/network/interfaces as 'auto lo eth1
eth0' I still get martian packets but the route table is correct.  I
can get this to work correctly, but I don't understand why this is
happening.

Bringing up shorewall turns into a complete mess of other issues that
I want to RTFM for first.  But my question related to shorewall is
this: how much information do shorewall and network/interfaces
share/collide?  There are settings in the shorewall interfaces file
that are duplications of the Debian network/interfaces files and I'm
not sure if one is ignored, one needs to be synced...

