From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from ccs.covici.com ([209.249.181.196])
	by speech.braille.uwo.ca with esmtp (Exim 3.36 #1 (Debian))
	id 1AG5pH-0002k6-00
	for <speakup@braille.uwo.ca>; Sat, 01 Nov 2003 19:10:39 -0500
Received: from ccs.covici.com (IDENT:covici@localhost [127.0.0.1])
	by ccs.covici.com (8.12.10/8.12.10) with ESMTP id hA20AZDI030450
	for <speakup@braille.uwo.ca>; Sat, 1 Nov 2003 19:10:35 -0500
Received: (from covici@localhost)
	by ccs.covici.com (8.12.10/8.12.10/Submit) id hA20AZ1W030447;
	Sat, 1 Nov 2003 19:10:35 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <16292.19319.720974.61435@ccs.covici.com>
Date: Sat, 1 Nov 2003 19:10:31 -0500
From: John covici <covici@ccs.covici.com>
To: "Speakup is a screen review system for Linux."
	<speakup@braille.uwo.ca>
In-Reply-To: <Pine.BSF.4.58.0311011703500.67838@server1.shellworld.net>
References: <Pine.BSF.4.58.0311011703500.67838@server1.shellworld.net>
X-Mailer: VM 7.17 under Emacs 21.3.50.1
Subject: RFC on solution to Rejean's situation
X-BeenThere: speakup@braille.uwo.ca
X-Mailman-Version: 2.1.3
Precedence: list
Reply-To: covici@ccs.covici.com,
 "Speakup is a screen review system for Linux."
	<speakup@braille.uwo.ca>
List-Id: Speakup is a screen review system for Linux.
	<speakup.braille.uwo.ca>
List-Unsubscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=unsubscribe>
List-Archive: <http://braille.uwo.ca/pipermail/speakup>
List-Post: <mailto:speakup@braille.uwo.ca>
List-Help: <mailto:speakup-request@braille.uwo.ca?subject=help>
List-Subscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=subscribe>
X-List-Received-Date: Sun, 02 Nov 2003 00:10:40 -0000

I think the firewall stuff can be done on the same machine -- no need
for another box at all.  There are several ways to route the packets
from the windows system out a certain interface and you will need to
use iptables heavily along with the ip command to accomplish some of
this.

One way which comes to mind off the top of my head is that you can
use the mangle table of iptables and put a statement in the
PREROUTING chain to mark the packets with 1 and then have a rule in
the policy database to send all such packets out the interface
desired.

In addition the the ip tables unreliable guide from Rusty Russell and
the manpage, the ip command has an example in chapter 4 of its
documentation as to how to work with two interfaces, so this should
work fine.

You can tell samba to only listen on a certain interface, so that
problem should be easily solved.

Hope this helps.

-- 
         John Covici
         covici@ccs.covici.com