I spent some more time on the ebox today, and I'm still fuzzy about the GUI. For instance, I have DHCP successfully bonded to one of the NICs and the ebox is connected to my DSL router. If I'm on the ebox, I can access the Internet. However, if I connect via DHCP (I use dhclient in prompt, so I can see the activity), that client is unable to access the Internet.
So, here are all the basic configuration details:
Active Module status:
network
firewall
ntp
dhcp server
logs
Domain Name Server
NETWORK
Network interfaces:
Name: eth0
Method: static
External: YES
IP: 66.92.167.36
Netmask: 255.255.255.0
(No virtual interfaces)
ETH0 connects to the DSL router. It's working fine.
Name: eth1
Method: static
External: no
IP: 192.168.1.1
Netmask: 255.255.255.0
(No virtual interfaces)
ETH1 is for the DHCP server and clients. It's the internal LAN.
Name: eth2
Method: static
External: no
IP: 192.168.2.1
Netmask: 255.255.255.0
(No virtual interfaces)
ETH2 is for a web and mail server on a separate system.
DNS: 192.168.1.1
216.231.41.2
Routes: I tried it with none (it seemed optional). But, when I couldn't access the Internet from the ETH1 segment, I added the following route from the Network to the Gateway:
192.168.1.1/32 -> 66.92.167.36
Gateways: I have two Gateways, one for the Internet and one for the internal ETH1.
Internet Gateway (ETH0), 66.92.167.36, ETH0 (set as default)
ETH1 Gateway, 192.168.1.1, ETH1
OBJECTS
The ebox has no objects defined.
SERVICES
I haven't added any extra services.
FIREWALL
Packet filtering has been set up in these categories:
From Internal networks to ebox:
The following protocols/services accept any source: ipp, samba, http, ntp, mail system, dns, dhcp, tftp, ssh
For Internal networks, each of the NICs has been configured to access outside destinations:
66.92.167.36/32 - Any - Any - "Outbound ETH0"
192.168.1.1/32 - Any - Any - "Outbound ETH1"
192.168.2.1/32 - Any - Any - "Outbound ETH2"
For traffic coming out of ebox
Any - Any - "Open up outbound for now"
For traffic coming in to ebox
No IPs are configured to accept connections
Redirects:
One redirect is in place, but I haven't tested it.
Interface: ETH0, External Port: 80, Protocol: TCP, IP: 192.168.2.2, PORT: 80
USERS Not configured
GROUPS Not configured
WEB SERVICE Not configured
OPENVPN Not configured
Jabber Service: Not configured
PRINTERS: Not configured
DHCP:
Interface: ETH1
Default Gateway: Configured Ones, ETH1 Gateway
Search domain: None
Primary Nameserver: local eBox DNS
Secondary nameserver: <blank>
DHCP Ranges:
IP: 192.168.1.1
Subnet: 192.168.1.0/24
Available ranges: 192.168.1.1 -254
I created a range ("Range 1") from 192.168.1.50 to 192.168.1.100.
No fixed addresses
FILE SHARING: Not configured
TRAFFIC SHAPING: Not configured
SOFTWARE MANAGEMENT: Not configured
System is up to date
Automatic updates: Not configured
LOGS: I did set them for one week
HTTP PROXY: Not configured
MAIL: Not configured
DNS: Not configured
CERTIFICATE MANAGER: Not configured
EVENTS: Not configured