Does the traffic go through two green?


Today, I woke up with one tip in mind…
I have 3 NICs…
Eth0 for WAN
Eth1 as LAN (green /24), my Mac is on this LAN
Eth2 as LAN (green /24), my Time Capsule as Wi-Fi access point is on this LAN.

My Mac can’t see my Time Capsule…

In NethServer, where there are two NICs as green… does the traffic go through? Do I need to open the firewall or make rules to pass it through?

(Artem Fedai) #2

Dear Jim,

Have a look at /var/log/firewall.log while trying to access from the /24 to the /24 network.
If it appears as a drop, make changes to the Shorewall /etc/shorewall/policy:
loc loc ACCEPT


I have to wait a little; I plan to go away with my family for the weekend.
And yesterday I had difficulties configuring the network with a fresh CentOS install…

I will try on Monday.

Why can’t NethServer act as a router by default?

(Artem Fedai) #4

It acts by Blue zone and Orange one, but it is only your case and you should do it by yourself. Sorry, we could not cover all BC.


What is the static route menu for? The doc is very succinct here…

(Artem Fedai) #6

It is impossible to document all user cases :slight_smile: you should use your Brain.


Where to click to do this? :smiley:

(Artem Fedai) #8


No, this is not working!

I did it another way:
In the firewall objects, I made a CIDR subnet object lan1 and a second object lan2 for the other subnet.

In the firewall rules, I created two rules:

  • accept anything from lan1 to lan2
  • accept anything from lan2 to lan1

It’s working

Edit: I still haven’t found the damned brain module in the left menu :smiling_imp:

(Artem Fedai) #10

Your rule has the same behavior :slight_smile: but mine should change the policy in /etc/shorewall, whereas this changes the rules file. Still, loc to loc should work.

(Artem Fedai) #11

find changes :slight_smile:


Not sure, because “accept anything from green to green” is not working.

Probably because it can’t make the distinction between one and the other one…

(Artem Fedai) #13

Could you show /var/log/firewall.log while you configure only loc to loc and run a tracert command from one net to the other one? I have no chance to test :frowning:

(Alessio Fattorini) #14

As far as I know, there isn’t any block between two green. Am I wrong, @davide_marini?


It’s blocked.
It’s not a bad thing in the end (after using the Brain module :wink:): an SME can have distinct LANs to isolate departments like R&D, or a test environment…