that would be a /28 leaving your 4 bits of IP space. 2 to the 4th power is 16. 16 minus network,router,and broadcast addrs leave your 13 IP's At 11:26 AM 2/19/01 -0600, you wrote: >Okay all, here's a Monday morning quandry for you all. > >I have a Debian box at home that I would like to use as a firewall, >as well as a NAT box. I have DSL, and I have 13 useable static IPs >(it's 32-47 with 47 the broadcast, 32 the network and 46 the router >which makes is a /what? /24?). Now this is great for us, as we split >it 7 ways, and each person can have their own static to play with. >The problem is that sometime I have a bunch of people over, and >it's a real pain for them to have to set up all the network stuff for my >net, then set it back when they leave. > >So I had the thought that I would set up a box that simply >forwarded the statics to the router, and used DHCP and NAT for >the "guest" machines. The layout would be like so: > my.public.net.x______ > \-----eth1(10.0.0.254)--firewall---> > 10.0.0.x(guests)_____/ > > >---eth0(my.public.net.45)--->router(my.private.net.46) > >The problem is that eth1 will not accept IPs from the "bogus" >addresses that are not part of the 10.0.0.255 subnet, and it logs all >sorts of "martian source" errors and displayes them on the console >and in the logs. > >So the question is, is there a way I can make this work without >physically separating the two networks? Is there a better way to do >this? > >Thanks! > > >Ben >----- >Benjamin Exley >Information Systems Manager >The Minnesota Daily >bexley at mndaily.com >(612) 627-4070 Ext. 3190 >_______________________________________________ >tclug-list mailing list >tclug-list at mn-linux.org >https://mailman.mn-linux.org/mailman/listinfo/tclug-list >