shorewall help


ntphil
10-12-2002, 05:21 PM
Hiya all,

I am having a problem setting up shorewall to use proxyarp....

I have a set of 8 IP Addresses from my ISP:

addresses: x.x.x.120 - x.x.x.127
subnetmask: 255.255.255.248
subnet: x.x.x.120/29
Network address: x.x.x.120
Broadcast: x.x.x.127
Router: x.x.x.126

So I can use x.x.x.121 - x.x.x.125 for my hosts.....

I have a Mandrake 9.0 Box connected to the internet via an Alcatel Speedtouch USB ADSL Modem; it is all connected and working fine!

Now don't shoot me here BUT I used the Mandrake 9.0 internet sharing wizard to set up temporary sharing between the computers on my network (1 XP Box and 1 Mandrake Desktop Box). This works fine and after a bit of tinkering with the shorewall conf files everything was working great EXCEPT I now want the 2 machines on the network to have real IPs.....

I have set up the proxyarp file as such:

#ADDRESS INTERFACE EXTERNAL HAVEROUTE
x.x.x.121 eth0 ppp0 no

shorewall gives a lovely message when starting saying:

Configuring Proxy ARP
Host x.x.x.121 connected to eth0 added to ARP on ppp0
Enabled proxy ARP on ppp0
Enabled proxy ARP on eth0

(btw I have also enabled proxyarp on both interfaces as the non-routed section in the shorewall setup guide said)

I tried configuring my linux desktop machine with the ip: x.x.x.121 subnetmask:255.255.255.248. But now when I tried to ping the shorewall box (192.168.1.1) it said network down :o(

Now I know this message is a bit long but can anyone out there help me to get this to work or suggest a better way of doing this! This might be a bit unclear so just let me know if any of this needs clarifying!

Kind Regards, Nick

ntphil
10-12-2002, 08:53 PM
UPDATE! ('cause I know you are all really interested ;) )

I set the IP on the XP Box to x.x.x.122 and also added the appropriate line to the proxyarp file and bingo it works! Can be seen by the outside world and everything :D

So I guess my real question is how do I change the IP on the linux box correctly? I have used the Mandrake Control Center (please don't shoot me!) to change the IP and when I use ifconfig it shows the IP address of eth0 has changed to x.x.x.121 BUT when I try to ping 192.168.1.1 (the shorewall box) it says the network is unreachable!?

Any help would be great!!

jumpedintothefire
10-13-2002, 10:17 AM
Don't think you can ping the shorewall gateway, as there is no route for it, can you ping the rest of the internet OK?

What ip is the shorewall using? 121? 125? Don't try to use that one behind the box...
What are you using for the gateway on the protected machines? 126?

ntphil
10-13-2002, 02:03 PM
The shorewall box has 2 interfaces:

x.x.x.126 on the outside
192.168.1.1 on the inside

The XP box x.x.x.122 CAN ping the shorewall box (both 192.168.1.1 & x.x.x.126) BUT when I try and change the settings on the linux box to

IP: x.x.x.121
Subnet: 255.255.255.248
Gateway: 192.168.1.1
(all the same as the XP box except the ip address)

It is not able to ping anything or use the internet!!

Hope that makes things a little clearer

jumpedintothefire
10-14-2002, 03:55 AM
Why are "Router: x.x.x.126" and "shorewall x.x.x.126 on the outside" on the same ip? What is the gateway on the shorewall box?? What is the output of route -n?? Shorewall has a mailing list, Tom, the author is very helpful....
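
Added example, not part of any post in this thread: a Python check of the two points the replies raise, namely that each proxyarp entry is a usable host address in the /29 and not the firewall's own, and whether a host's gateway lies inside its own subnet (without that, a Linux host has no connected route to the gateway). 203.0.113.120/29 is a constructed stand-in for the masked x.x.x.120/29, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample values: 203.0.113.120/29 (documentation range) stands in
# for the thread's masked x.x.x.120/29; the last octets match the posts.
ISP_NET = ipaddress.ip_network("203.0.113.120/29")
ROUTER = ipaddress.ip_address("203.0.113.126")

PROXYARP = """\
#ADDRESS INTERFACE EXTERNAL HAVEROUTE
203.0.113.121 eth0 ppp0 no
203.0.113.122 eth0 ppp0 no
"""

def parse_proxyarp(text):
    """Return (address, interface, external, haveroute) tuples, skipping comments."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        addr, iface, ext, haveroute = line.split()[:4]
        entries.append((ipaddress.ip_address(addr), iface, ext, haveroute.lower()))
    return entries

def check_entry(addr, net=ISP_NET, reserved=(ROUTER,)):
    """List reasons an address is unsuitable for a proxied host (empty = fine)."""
    problems = []
    if addr not in net:
        problems.append("outside ISP subnet")
    elif addr in (net.network_address, net.broadcast_address):
        problems.append("network or broadcast address")
    if addr in reserved:
        problems.append("already used by router/firewall")
    return problems

def gateway_on_link(host_ip, netmask, gateway):
    """True if the gateway falls inside the host's own connected subnet."""
    iface = ipaddress.ip_interface(f"{host_ip}/{netmask}")
    return ipaddress.ip_address(gateway) in iface.network

if __name__ == "__main__":
    for addr, iface, ext, _ in parse_proxyarp(PROXYARP):
        print(addr, iface, ext, check_entry(addr) or "ok")
    # Host settings as posted for the Linux desktop: /29 address, private gateway.
    print("gateway on-link:", gateway_on_link("203.0.113.121", "255.255.255.248", "192.168.1.1"))
```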