On 5/11/13 4:25 PM, "Dash Four" <[email protected]> wrote:
>What I have as part of my configuration on one of the servers is a local
>zone defined for the loopback interface, which has 5 ip addresses
>(127.0.0.1-127.0.0.5). I see that shorewall has generated local2*
>sub-chains in my local_frwd chain, as well as *2local for all other
>zones, but these will *never* match any traffic.
>
>Is there a way this could be optimised away, perhaps with using a new
>option for the interface ('local' maybe), indicating that this zone is
>local and instruct shorewall not to attempt to generate all these
>non-sensical sub-chains?
You can make them 'server' zones.
-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and
their applications. This 200-page book is written by three acclaimed
leaders in the field. The early access version is available now.
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
