I want to set up a firewall.
To make it step by step I wanted first to set up a router and when the "normal" routing works I planned to install the firewall. Therefore I set up a machine with SuSe 8.1 and installed only the minimum system on a linuxbox with 2 ethernetcards.
I used 2 different IP-addresses on the same network and 2 different subnetmasks for these cards (eth0 192.168.200.63 subnetmask 255.255.255.192 and eth1 192.168.200.66 subnetmask 255.255.255.0).
On the side of eth1 there are some machines with addresses in the range form 192.168.200.40 to 192.168.200.57 ont the side of the eth1 the IP-addressses range from 192.168.200.101 to 192.168.200.252.
As far as I understood the help-files and howtos of my distribution I only had to set the value in the file /proc/sys/net/ipv4/ip_forward to 1 to get the router working.
When I tried it first all looked fine. From the "router" I pinged machines on both segments and got the correct replies from both segments. Then I tried to ping the both ethernetcards (eth0 or eth0) of the router from other machines on the segments and got correct replies. But when I tried to ping from a machine from segment 1 (eth0) to a machine from segment 2 (eth1) I got the answer "Host unreachable".
So I searched the help-files and howtos in the internet to find out what I've done wrong. But all I found where different methods of setting the value in ip_forward to 1.
So I dont know what to do.
Could it be that the problem is that both ethernetcards have the same networkaddresses (192.168.200)?
But I need this cause otherwise I had to change the addresses in a lot of machines an din a lot of programs. Or is something wrong with my subnetmasks? But as far as I know they should be correct. Nevertheless I also tried to use the same subnetmask on both ethernetcards. But then, as I thought before, it was not possible to ping the ethernetcards of the router from other machines.

I hope someone could help me.

im not the grand master if firewalls and routing but as i understand it, a firewall and a router are both results of what you do with ip_tables. ip_tables monitors, filters, and controls every packet in and out if your machine.
so basically set up your firewall because that is where you tell ip_tables what to do with packets incoming to your two interfaces.

since you're on suse there will be a firewall config program in YaSt. if i remember right there is somewhere to setup connection sharing(routing or forwarding).

hope thats somehow useful