Problems configuring gateway/firewall with static IP addresses
Matt Singerman
msingerman at ncemch.org
Fri Aug 18 13:11:40 UTC 2006
Hi Ed,
Wow... This all seems, uh, complicated. Maybe I am going about this in
the wrong way? Our existing gateway machine definitely doesn't have a
configuration this complex, especially since I don't have any control
over 141.161.185.38. What would be the best method to firewall off just
one part of a network - to have just a few servers on 141.161.111.x
behind a firewall, and all the other machines on that same network not
behind it? Am I making things too complicated here?
Ed Greshko wrote:
> Ed Greshko wrote:
>
>> I wrote....
>>
>>
>>> 1. Assuming eth0 is the Internet facing interface you need to change
>>> its IP address as well as its netmask.
>>>
>>> IPADDR=141.161.111.1
>>> NETMASK=255.255.255.252
>>> BROADCAST=141.161.111.3
>>>
>> That was only an example. The important thing is that the netmask needs
>> to be 255.255.255.252 which gives you only 4 IP address on that
>> interface and of these only 2 are usable as the others are the network
>> address and the broadcast address.
>>
>> You could have...
>> IPADDR=141.161.111.242 for eth0
>> IPADDR=141.161.111.241 for 141.161.185.38 interface
>> Broadcast=141.161.111.243
>> Network=141.161.111.240
>>
>
> Forgot to mention that in this case eth1 needs to be changed as well as
> default gateways...but I think that was obvious. However, I forget that
> what is obvious to me may not be obvious to others so it is better to
> mention it....even if it is an afterthought and increases traffic. :-)
>
>
>
More information about the fedora-list
mailing list