From: Lynn G. <lg...@ad...> - 2005-01-23 06:38:06
Folks...

I am having a problem with my DL firewall, caused by my lack of in-depth knowledge of Linux routing, but which I have been unable to remedy through searching the web and documentation.

My DL box has 3 network interfaces. It was originally configured as a 2-NIC box using the installation program: eth0 is the interface to the internet, and gets its IP address via DHCP from the ISP. eth1 is the interface to the internal network, and has a DHCP server on it.

I have added a third NIC, eth2, for a second Internet connection. (I need two Internet IP addresses, as I am trying to run two nameservers through the same router.) I have added a startup script with the following command:

    dhcpcd -d -h jet -G eth2

This lets eth2 get its IP address from the ISP via DHCP.

Now, here is the part that is confusing me. If I send (via ping, telnet, nslookup, whatever) packets to the eth2 IP address, tcpdump tells me they are coming in, but the firewall never sees them. (I have the firewall set up to log all traffic from eth0 or eth2.) Traffic to eth0 works fine.

If I do a route -n command, my default entry looks like this:

    0.0.0.0 (eth0 IP address) 0.0.0.0 UG 0 0 eth0

If I change the default entry to specify the eth2 IP address and the eth2 interface, traffic to eth2 works fine, and the firewall never sees traffic to eth0.

I am not understanding what the default gateway entry has to do with this. I was under the impression that it only affected where outgoing packets were sent, not incoming ones. What am I missing?

Thanks for your help,
Lynn Grant