Re: Ethernet Card Problem

From: mpierce (mrpierce_at_optusnet.com.au.nospam)
Date: 09/08/03


Date: 8 Sep 2003 11:08:11 -0500

On Mon, 08 Sep 2003 10:10:12 +0200, Simon wrote:

> Hi,
>
> I've got a PC that I want to turn into a firewall. I installed three network
> cards on it (LAN, WAN, DMZ) and Mandrake MNF for OS.
>
> The problem is that sometimes, when I change the configuration of the
> network cards, it's like the OS "swaps" cards.
>
> Let me explain: I've got eth0/192.168.0.6/24 connected to my LAN and also
> the admin Web interface.
> Then I have eth1/192.168.0.7/24 defined as WAN.
>
> To connect to the web interface of M-MNF, I use a browser and HTTPS
> connection to the card associated to admin (here, eth0, so 192.168.0.6).
>
> Let's assume I change the IP or the subnet mask of eth1. It will happen
> that eth0 will not respond to my HTTPS connections. But it could happen
> that eth1 does! It's like M-MNF has swapped the two cards.
>
> Now I changed IP of the third card to 192.168.2.1 (to create a DMZ with
> a different network than my LAN). And now I can't access anything!
>
> Someone told me that Linux "knows" the cards by their 'module' and that
> I should tell M-MNF which card is which, but that I know the IRQ of
> each.
>
> I'm kind of a newbie on Linux. Can anyone enlighten / help me?
>
> Thanks
>
> Simon

You've got a mess on your hands and I don't know if anyone can follow what
you are really trying to do as you have not explained it very well.

I'm giving it a shot.

You can get the hardware addresses of your NIC cards by running the command
ifconfig as root. This will give the HWaddr (MAC) of each NIC that is
configured in your system.

In my firewall server I have two NICs, eth0 and eth1. Connected to this
server is a laptop. Sometimes the laptop uses a docking station which has
an inbuilt NIC to connect to my server, sometimes I simply use its PCMCIA
to connect.

In my dhcpd.conf file I assign a permanent ip to these NICs by using the
MAC addresses like so:

#Dellbook fixed addresses
        host dellbook {
#               hardware ethernet 00:B0:D0:BD:F8:CF;
                hardware ethernet 00:B0:D0:0E:C8:33;
                fixed-address 192.168.1.252;
        }
        host db2 {
                hardware ethernet 00:10:A4:79:14:A7;
                fixed-address 192.168.1.253;
        }

There are other network files that also have to be correctly configured
for everything to work as well.

In your case, I do not know what you are trying to do as you only need two
NICs in your server for it to be operational as a firewalled server, eth0
and eth1. Eth0 will connect to the outside world using either a static or
dynamic IP while eth1 will be for your internal LAN, i.e., 192.168.1.1.
Your firewall rules will then be operational on eth0.

I use Arno's Firewall (absolutely excellent) which uses iptables to
create a firewall that is impenetrable. Its flexibility allows me to open
only the ports that I need to and I can even sit back and hit ctrl+alt+F10
and look at who is trying to access my system in real-time.

Hope this helps; good luck!
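
An added example, not part of the original post or of either poster's setup: a shell check built on the ifconfig HWaddr output mentioned in the reply, which reports when an ethN name has moved to a different physical card. The MAC addresses and the sample output are constructed, the function names nic_map and check_nics are hypothetical, and the parser also accepts the newer "ether" layout of ifconfig, which goes beyond what the post shows.

```shell
#!/bin/sh
# Constructed sample: old-style ifconfig output; the MACs are made-up placeholders.
sample_ifconfig() {
cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 02:00:00:00:00:0B
          inet addr:192.168.0.6  Bcast:192.168.0.255  Mask:255.255.255.0
eth1      Link encap:Ethernet  HWaddr 02:00:00:00:00:0A
          inet addr:192.168.0.7  Bcast:192.168.0.255  Mask:255.255.255.0
eth2      Link encap:Ethernet  HWaddr 02:00:00:00:00:0C
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
EOF
}

# Print "iface mac" pairs from ifconfig output on stdin.
# Handles the old "HWaddr" layout and the newer "ether" layout.
nic_map() {
    awk '
        /^[^ \t]/ { iface = $1; sub(/:$/, "", iface) }   # line naming the interface
        { for (i = 1; i < NF; i++)
              if ($i == "HWaddr" || $i == "ether") print iface, tolower($(i + 1)) }'
}

# check_nics iface=mac ... : compare ifconfig output on stdin with the expected
# name-to-MAC pairs; print each interface that moved or is missing, return 1 if any.
check_nics() {
    nic_map | awk -v list="$*" '
        BEGIN { n = split(list, p, " ")
                for (i = 1; i <= n; i++) { split(p[i], kv, "="); want[kv[1]] = tolower(kv[2]) } }
        { have[$1] = $2 }
        END { for (k in want) {
                  got = (k in have) ? have[k] : "none"
                  if (got != want[k]) { print "MISMATCH", k, "expected", want[k], "found", got; bad = 1 }
              }
              exit bad + 0 }'
}

# Demo: the admin card (MAC ending 0a) was recorded as eth0 but now answers as eth1.
sample_ifconfig | check_nics eth0=02:00:00:00:00:0A eth1=02:00:00:00:00:0B \
    eth2=02:00:00:00:00:0C || echo "interface names no longer match the recorded NICs"
```

On a live box, pipe `ifconfig -a` into check_nics with the pairs recorded while the cabling was known to be correct, before and after changing any interface settings.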


