On Mon, 2007-07-30 at 12:16 +0100, Simon Hobson wrote: > > As for protecting the Dom-0, you can again run Shorewall and follow > the single interface examples - just using eth0 and not assigning IP > addresses to any of the vif0.n interfaces.
He would still need to define each bridge as its own dummy zone with 'routeback' and possibly 'dhcp' (and 'bridge', if using Shorewall-perl). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
