Tom Eastep wrote: >> Well, in that case you need to call the first option "loopback" (because >> that's what this really is, it isn't "local") and the second "local". >> >> Both should only have fw2<X> and <X>2fw chains (X being the loopback and >> local zones) and in addition, for the local zone, there should also be >> local2local chain in case where there is more than one interface defined >> for that local zone. >> > > We're on the same page. I've just about finished implementing exactly what > you describe. > Forgot to add something which should be pretty obvious given what was discussed earlier - neither options should have the lo-only restriction.
------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
