On Fri, 2 Mar 2001, Kiran Kumar M wrote:

>
> Hi,
>
> I have a network structure as follows.
>
> eth1 - 192.168.1.254            <---    Internal Network
> eth0 - xxx.xxx.xxx.xxx           <---    External Network
> eth2 - yyy.yyy.yyy.yyy           <---    Management Port
>
> I am using ipchains for communication (routing between) eth0 and eth1. My
> routing table "without eth2" looks like this...
>
> Kernel IP routing table
> Destination     Gateway          Genmask         Flags   MSS Window  irtt Iface
> 192.168.1.0     0.0.0.0          255.255.255.0   U         0 0          0 eth1
> xxx.xxx.xxx.0   0.0.0.0          255.255.255.0   U         0 0          0 eth0
> 127.0.0.0       0.0.0.0          255.0.0.0       U         0 0          0 lo
> 0.0.0.0         xxx.xxx.xxx.zzz  0.0.0.0         UG        0 0          0 eth0
>
> Now I want eth2 to be accessible from the network. How can I do the
> routing?
>
> Thanks,
> Kiran
>
>
Well, no one else seems to want to take a shot at this, so I will give
you a couple of hints...

First, make sure you have a route pointing to eth2.  If you have
ifcfg-eth2 set up correctly, it should be generated for you.

The next step is to add some forwarding rules before your masquerading
rules.  Something like:
ipchains -A forward -i eth1 -s 192.168.9.0/24 \
                -d yyy.yyy.yyy.yyy/zz -j ACCEPT
ipchains -A forward -i eth2 -s yyy.yyy.yyy.yyy/zz \
                -d 192.168.9.0/24 -j ACCEPT

This should limit the traffic to going between eth1 and eth2.  If you
want to talk to the net on eth2 from the box with the 3 NICs, you may
have to add rules for local host as well, depending on your other
firewall rules.  Also, if you are adding these rules from the command
line after the firewall is started, you will need to use -I instead of
-A, or chances are other rules will process the packets first.

Mikkel
 --

    Do not meddle in the affairs of dragons,
 for you are crunchy and taste good with ketchup.
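
The following is an added example, not part of the original message: a small Python model of first-match rule evaluation in a forward chain, showing why rules appended with -A after a masquerading rule never see the inside-to-management packets while rules inserted with -I do. The 10.0.2.0/24 management network, the single MASQ rule, the DENY policy and the helper names are assumptions; interface matching is left out.

```python
from ipaddress import ip_address, ip_network

# Constructed addresses: the page masks the management network, so
# 10.0.2.0/24 stands in for yyy.yyy.yyy.yyy/zz; 192.168.1.0/24 is the
# internal network from the routing table in the question.
INTERNAL = "192.168.1.0/24"
MGMT = "10.0.2.0/24"
ANY = "0.0.0.0/0"


def rule(src, dst, target):
    return (ip_network(src), ip_network(dst), target)


def base_forward_chain():
    """Assumed firewall as started: masquerade everything from inside."""
    return [rule(INTERNAL, ANY, "MASQ")]


MGMT_RULES = [rule(INTERNAL, MGMT, "ACCEPT"), rule(MGMT, INTERNAL, "ACCEPT")]


def append_rules(chain, rules):
    """Model of -A: new rules go to the end of the chain."""
    return chain + list(rules)


def insert_rules(chain, rules):
    """Model of -I: new rules go to the front of the chain."""
    return list(rules) + chain


def verdict(chain, src, dst, policy="DENY"):
    """Return the target of the first matching rule, else the chain policy."""
    s, d = ip_address(src), ip_address(dst)
    for src_net, dst_net, target in chain:
        if s in src_net and d in dst_net:
            return target
    return policy


if __name__ == "__main__":
    for name, build in (("-A", append_rules), ("-I", insert_rules)):
        chain = build(base_forward_chain(), MGMT_RULES)
        print(name, "inside->mgmt:", verdict(chain, "192.168.1.10", "10.0.2.5"),
              "| mgmt->inside:", verdict(chain, "10.0.2.5", "192.168.1.10"),
              "| inside->net:", verdict(chain, "192.168.1.10", "203.0.113.7"))
```

With the rules appended, inside-to-management traffic is masqueraded by the earlier rule instead of being forwarded as-is; with the rules inserted, it is accepted and ordinary outbound traffic is still masqueraded.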


