holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add IP address determination tip

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-02-14 17:02:11 +00:00
parent 230d987e44
commit 05dcc43775
3 changed files with 60 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/standalone.xml
View File

@ -411,7 +411,26 @@ root@lists:~# </programlisting>
<para>Before starting Shorewall, <emphasis role="bold">you should look at <para>Before starting Shorewall, <emphasis role="bold">you should look at
the IP address of your external interface and if it is in one of the above the IP address of your external interface and if it is in one of the above
ranges, you should remove the <quote>norfc1918</quote> option from the ranges, you should remove the <quote>norfc1918</quote> option from the
entry in <filename>/etc/shorewall/interfaces</filename>.</emphasis></para> entry in <filename>/etc/shorewall/interfaces</filename>.</emphasis><tip>
<para>To determine the IP address of your external interface, as root
type <command>ip addr ls dev &lt;interface&gt;</command> at the
command line where &lt;<emphasis>interface</emphasis>&gt; is your
external interface. The line beginning with inet identifies your IP
address.</para>
<para>Example:</para>
<programlisting>root@lists:~# ip addr ls dev eth0
2: eth0: &lt;BROADCAST,MULTICAST,UP,10000&gt; mtu 1500 qdisc htb qlen 1000
link/ether 00:02:e3:08:48:4c brd ff:ff:ff:ff:ff:ff
inet <emphasis role="bold">206.124.146.176</emphasis>/24 brd 206.124.146.255 scope global eth0
inet6 fe80::202:e3ff:fe08:484c/64 scope link
valid_lft forever preferred_lft forever
root@lists:~# </programlisting>
<para>In this example, the IP address of the external interface is
206.124.146.176</para>
</tip></para>
</section> </section>
<section id="Open"> <section id="Open">

21
docs/three-interface.xml
View File

@ -496,7 +496,26 @@ root@lists:~# </programlisting>
the IP address of your external interface and if it is one of the above the IP address of your external interface and if it is one of the above
ranges, you should remove the <varname>norfc1918</varname> option from the ranges, you should remove the <varname>norfc1918</varname> option from the
external interface's entry in external interface's entry in
<filename>/etc/shorewall/interfaces</filename>.</emphasis></para> <filename>/etc/shorewall/interfaces</filename>.</emphasis><tip>
<para>To determine the IP address of your external interface, as root
type <command>ip addr ls dev &lt;interface&gt;</command> at the
command line where &lt;<emphasis>interface</emphasis>&gt; is your
external interface. The line beginning with inet identifies your IP
address.</para>
<para>Example:</para>
<programlisting>root@lists:~# ip addr ls dev eth0
2: eth0: &lt;BROADCAST,MULTICAST,UP,10000&gt; mtu 1500 qdisc htb qlen 1000
link/ether 00:02:e3:08:48:4c brd ff:ff:ff:ff:ff:ff
inet <emphasis role="bold">206.124.146.176</emphasis>/24 brd 206.124.146.255 scope global eth0
inet6 fe80::202:e3ff:fe08:484c/64 scope link
valid_lft forever preferred_lft forever
root@lists:~# </programlisting>
<para>In this example, the IP address of the external interface is
206.124.146.176</para>
</tip></para>
<para>You will want to assign your local addresses from one sub-network or <para>You will want to assign your local addresses from one sub-network or
subnet and your DMZ addresses from another subnet. For our purposes, we subnet and your DMZ addresses from another subnet. For our purposes, we

21
docs/two-interface.xml
View File

@ -458,7 +458,26 @@ root@lists:~# </programlisting>
the IP address of your external interface and if it is one of the above the IP address of your external interface and if it is one of the above
ranges, you should remove the 'norfc1918' option from the external ranges, you should remove the 'norfc1918' option from the external
interface's entry in <filename interface's entry in <filename
class="directory">/etc/shorewall/</filename><filename>interfaces</filename>.</emphasis></para> class="directory">/etc/shorewall/</filename><filename>interfaces</filename>.</emphasis><tip>
<para>To determine the IP address of your external interface, as root
type <command>ip addr ls dev &lt;interface&gt;</command> at the
command line where &lt;<emphasis>interface</emphasis>&gt; is your
external interface. The line beginning with inet identifies your IP
address.</para>
<para>Example:</para>
<programlisting>root@lists:~# ip addr ls dev eth0
2: eth0: &lt;BROADCAST,MULTICAST,UP,10000&gt; mtu 1500 qdisc htb qlen 1000
link/ether 00:02:e3:08:48:4c brd ff:ff:ff:ff:ff:ff
inet <emphasis role="bold">206.124.146.176</emphasis>/24 brd 206.124.146.255 scope global eth0
inet6 fe80::202:e3ff:fe08:484c/64 scope link
valid_lft forever preferred_lft forever
root@lists:~# </programlisting>
<para>In this example, the IP address of the external interface is
206.124.146.176</para>
</tip></para>
<para>You will want to assign your addresses from the same sub-network <para>You will want to assign your addresses from the same sub-network
(subnet). For our purposes, we can consider a subnet to consists of a (subnet). For our purposes, we can consider a subnet to consists of a