--- Tom Eastep <[EMAIL PROTECTED]> wrote:
> Vieri Di Paola wrote:
>
> > I just setup a bridge with kernel 2.6.20 and
> followed
> > the instructions at
> > http://www.shorewall.net/NewBridge.html.
> >
> > Since zone definitions are now IP-based and not
> > ports-based then doesn't this imply a weaker
> security
> > mechanism?
>
> Yes, it does.
Too bad for me that they introduced a major handicap.
In my case, I need the bridge but I also need an IPsec
tunnel which only works on 2.6.20 when bridged.
I found a custom solution but it's not as good a
security policy as it should be.
Thanks for confirming my fears.
____________________________________________________________________________________
Get the Yahoo! toolbar and be alerted to new email wherever you're surfing.
http://new.toolbar.yahoo.com/toolbar/features/mail/index.php
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
