This is a bit confusing to me.
I could not get to the Internet with the "fw" or "client" PC, before I deleted the default routes on the "fw", and added a new default route to ISP router on the "fw".
(For some reason the "fw" wanted to go out on LAN side to )
I also added my old WLAN router on the LAN. My kids' 2 win98 PCs are connected to the WLAN LAN ports. The WLAN router is a NAT router also.
So my Linux LAN is 10.0.0.0 and the WLAN is 192.168.11.0.
To get the WLAN PCs to get to the Inet via my Linux LAN, I set manual IP 10.0.0.100 on the WAN side of WLAN, with static DNS from ISP and my "fw" as default gw. That worked ok.
Then I wanted to "add" routing from the 10.0.0.0 to 192.168.11.0 so I added on the "fw" a route to 192.168.11.0 with "route add".
Now I can ping with the win98 pc from 192.168.0.2 to my linux "fw" and "client" ok.
Now should I have done that some other way than "route add"?
Or maybe "route add" just alters the iptables also.
I don't know how I could have done it with Shorewall though.
*edit* I just noticed that the "route add" thing either does not survive a Linux boot, or Shorewall removes my 192.168.11.0 addition when I restart the firewall. So I guess I have to define the 192.168.11.0 in Shorewall somehow.