From: Maarten J H van den Berg (maartenvbvb.nl)
Date: Fri May 23 2003 - 12:49:57 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 22 May 2003 10:23, you wrote:
> Hello Maarten

Hi Arjen

> Quoting maarten van den Berg <maartenvbvb.nl>:
> > FW_MASQ_DEV="eth0 eth2"
>
> Hmm, I don't think it is necessary to masquerade on eth2, and just
> maybe that is the culprit

Yeah... I wondered about that too... The thing is, If I do not masquerade
LAN to my DMZ how do I allow access from LAN to my DMZ servers ?
Am I overlooking something ?

> > FW_FORWARD="0/0,X.Y.Z.160/28,tcp,80 0/0,X.Y.Z.160/28,tcp,22
> > X.Y.Z.160/28,0/0"
>
> This syntax looks correct indeed.
> So remove eth2 from FW_MASQ_DEV and the forward rule from dmz to
> outside, because I think the fw rules that are setup already should
> allow this.

I'll try that.

> If this does not work have a good look at the routing table on the fw
>
> Als the DMZ if should be the default gw for the servers in the DMZ

Yeah. It is.

Maarten

--
This email has been scanned for the presence of computer viruses.

Maarten J. H. van den Berg ~~//~~ network administrator
VBVB - Amsterdam - The Netherlands - http://vbvb.nl
T +31204233288 F +31204233286 G +31651994273

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]