Re: [Shorewall-users] Shorewall and vlan

Tristan DEFERT Fri, 15 Jun 2007 06:08:23 -0700

Hi Franck,

from a shorewall point of view, simply treat VLANs as normal
interfaces !
No difference, since VLAN are handled by the network layer of the
kernel, and shorewall is not aware of this.


Si tu veux plus d'infos en FR-fr, droppe-moi un email ;-)


Le vendredi 15 juin 2007 à 14:43 +0200, Franck a écrit :
> Hi,
> 
> i've a bering uclinux distrib with shorewall v 3.2.x
> I don't find any doc about shorewall and vlan :( Is it possible to work
> with both ?
> Is anyone can help me (examples, docs) about this ?
> 
> Regards
> 
> Franck
> 
> # /etc/network/interfaces
> ---------------------
> auto eth1
> iface eth1 inet static
>       address 10.1.1.254
>       netmask 255.255.255.0
>       broadcast 10.1.1.255
> 
> auto eth1.3
> iface eth1.3 inet static
>       address 10.1.3.254
>       netmask 255.255.255.0
>       broadcast 10.1.3.255
> 
> # /etc/shorewall/params
> ---------------------
> ETH_LAN=eth1
> ETH_VLAN=eth1.3
> 
> # /etc/shorewall/interfaces
> ---------------------
> emoti   $ETH_LAN      detect
> vlan   $ETH_VLAN      detect
> 
> # /etc/shorewall/policy
> ---------------------
> emoti          net             ACCEPT
> vlan          net             ACCEPT
> emoti            vlan            NONE
> vlan            emoti            NONE
> 
> # /etc/shorewall/zones
> ---------------------
> emoti ipv4
> vlan  ipv4
> 
> # /etc/shorewall/rules
> ---------------------
> # VLAN -> FIREWALL
> # =======================
> SSH/ACCEPT            vlan        fw
> WebSimple/ACCEPT      vlan        fw
> Ping/ACCEPT           vlan        fw
> SNMP/ACCEPT           vlan        fw
> DNS/ACCEPT            vlan        fw
> Ping/ACCEPT    fw           vlan
> 
> 
-- 
Tristan DEFERT

Société Alpha Mosa

__________________________________________________________________

Tél. (33) 03 26 48 17 56        Internet : http://www.alphamosa.fr

Fax. (33) 03 26 48 10 87            eMail : [EMAIL PROTECTED]


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Shorewall and vlan

Reply via email to