My running kernel is 2.6.18-4-k7 and my shorewall shell is /bin/ash this is a stock kernel and all required iptables modules are present
Le vendredi 13 juillet 2007 à 15:19 +0200, Tristan DEFERT a écrit : > Hi list users, > > i use new bridging method since few days and i cannot set > up /etc/shorewall/hosts as written in doc. > > That means i do not identify anymore my bridge zones by interface like > this: > wan $bridge_interface:$wan_interface > dmz $bridge_interface:$dmz_interface > > But i now use: > dmz $bridge_interface:$dmz_subnet,!$router_ip > > but this syntax does not work for me. > Instead of EXCLUDING one or more hosts from my dmz zone (doesn't work) > i must use this kind of syntax: > dmz $bridge_interface:$dmz_addresses_pool > where $dmz_addresses_pool covers my whole subnet class but the router: > so i do not exclude anything, but i define a shrinked pool within my > subnet. > > did anyone succeed with such a setup where !exclusion is used within > shorewall/hosts ? > > what could affect this behaviour? what lacks (if so) to iptables? > I do not use such an exclusion anywhere else in shorewall. > > any feedback welcome! > > Tristan > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
