On 5/26/13 3:16 PM, "Dash Four" <[email protected]> wrote:
> >Tom Eastep wrote: >>> Well, in that case you need to call the first option "loopback" >>>(because >>> that's what this really is, it isn't "local") and the second "local". >>> >>> Both should only have fw2<X> and <X>2fw chains (X being the loopback >>>and >>> local zones) and in addition, for the local zone, there should also be >>> local2local chain in case where there is more than one interface >>>defined >>> for that local zone. >>> >> >> We're on the same page. I've just about finished implementing exactly >>what >> you describe. >> >Forgot to add something which should be pretty obvious given what was >discussed earlier - neither options should have the lo-only restriction. Loopback will still have that restriction. -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
