<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
</style>
</head>
<body class='hmmessage'>
It looks like this:<br><br><br>version 5<br>#FIREHOL_LOG_LEVEL="7"<br><br>#Define a transparent proxy<br>transparent_squid 3128 "proxy root" src "192.168.1.0/24 192.168.2.0/24"<br><br>interface eth0 dhcp<br> policy return<br> server dhcp accept<br><br># Define interfaces and accessible services<br>home_ips="192.168.0.0/16"<br><br>interface eth0 home src "${home_ips}"<br> policy reject<br> server custom amavis tcp/10024:10025 10024:10025 accept<br> server custom mysql tcp/3306 any accept<br> server custom spamass tcp/783 783 accept<br> server dns accept<br> server dhcp accept<br> server ftp accept<br> server samba accept<br> server squid accept<br> server http accept<br> server https accept<br> server ssh accept<br> server icmp accept<br> server smtp accept<br> server smtps accept<br> server imap accept<br> server imaps accept<br> server ms_ds accept<br> server ping accept<br> server webmin accept<br> server nfs accept<br><br> client all accept<br><br>interface ppp+ internet src not "${home_ips} ${UNROUTABLE_IPS}"<br> protection strong 10/sec 10<br> server ftp accept<br> server http accept<br> server https accept<br> server ssh accept<br> server smtp accept<br> server smtps accept<br> server imaps accept<br> server custom dccclient udp/6277 any accept<br><br> server ident reject with tcp-reset<br><br> client all accept<br><br># General routing/masquerading<br>router home2internet inface eth0 outface ppp+<br> masquerade<br> server all accept<br><br>router internet2home inface ppp+ outface eth0<br> server ident reject with tcp-reset<br><br># Routing within this building<br>router enter2kyo src 192.168.0.2 dst 192.168.1.50 log "ENTER2KYO"<br> route all accept<br>router delta2kyo src 192.168.0.4 dst 192.168.1.50 log "DELTA2KYO"<br> route all accept<br>router chall2kyo src 192.168.0.6 dst 192.168.1.50 log "CHALL2KYO"<br> route all accept<br>router defi2kyo src 192.168.0.100 dst 192.168.1.50 log "DEFI2KYO"<br> route all accept<br><br>router enter2bro src 192.168.0.2 dst 
192.168.1.51 log "ENTER2BRO"<br> route all accept<br>router delta2bro src 192.168.0.4 dst 192.168.1.51 log "DELTA2BRO"<br> route all accept<br>router chall2bro src 192.168.0.6 dst 192.168.1.51 log "CHALL2BRO"<br> route all accept<br><br># END OF FILE /etc/firehol/firehol.conf<br><br><br><br><br>> Date: Sun, 8 Feb 2009 18:16:15 +0000<br>> Subject: Re: [Firehol-support] Routing between virtual interfaces<br>> From: cefrodrigues@gmail.com<br>> To: mofog@hotmail.com<br>> CC: firehol-support@lists.sourceforge.net<br>> <br>> On Fri, Feb 6, 2009 at 7:11 PM, M. O. &lt;mofog@hotmail.com&gt; wrote:<br>> > As you can see, there are some contradictory statements: one maps the<br>> > traffic from 192.168.0.4 to 192.168.1.51 successfully to the rule<br>> > "DELTA2BRO", and the next line tells the exact opposite (same addresses are<br>> > mapped to "PASS-unknown"). I'm quite in despair now.<br>> <br>> What does your firehol.conf look like? Are you accepting all traffic?<br>> <br>> -- <br>> Carlos Rodrigues<br></body>
</html>