[TCLUG] Martian source errors

[Benjamin Exley]

Okay all, here's a Monday morning quandry for you all.

I have a Debian box at home that I would like to use as a firewall, 
as well as a NAT box. I have DSL, and I have 13 useable static IPs 
(it's 32-47 with 47 the broadcast, 32 the network and 46 the router 
which makes is a /what? /24?). Now this is great for us, as we split 
it 7 ways, and each person can have their own static to play with. 
The problem is that sometime I have a bunch of people over, and 
it's a real pain for them to have to set up all the network stuff for my 
net, then set it back when they leave. 

So I had the thought that I would set up a box that simply 
forwarded the statics to the router, and used DHCP and NAT for 
the "guest" machines. The layout would be like so:
	my.public.net.x______
						     \-----eth1(10.0.0.254)--firewall--->
      10.0.0.x(guests)_____/

                   >---eth0(my.public.net.45)--->router(my.private.net.46)

The problem is that eth1 will not accept IPs from the "bogus" 
addresses that are not part of the 10.0.0.255 subnet, and it logs all 
sorts of "martian source" errors and displayes them on the console 
and in the logs.

So the question is, is there a way I can make this work without 
physically separating the two networks? Is there a better way to do 
this?

Thanks!


Ben
-----
Benjamin Exley
Information Systems Manager
The Minnesota Daily
bexley at mndaily.com
(612) 627-4070 Ext. 3190