Philip S. Hempel wrote: > > What happens with the configuration I have right now is the tcrules > complain that dmz0 is down, that is not actually true, it just does not > have an IP address. > Does the traffic controlling in shorewall require an address to control > the bandwidth?
The attached patch should correct that problem. > > Secondly I thought that I could actually do rules between the interfaces > over the bridge. > Basically I wanted to control net0 to dmz0 and I thought this was > possible but it seems that it doesn't work. > > I do get some blocking at dmz0 but I am not sure why. I seem to only be > blocking on some things but it should be blocking on everything based on > my config right now. There is nothing that I can do with that problem statement. It doesn't contain enough information to let us even understand the problem, let alone solve it. What we need is: a) The output of "shorewall dump" collected as described at http://www.shorewall.net/support.htm#Guidelines. b) A *concise* statement of what you tried, what you expected to happen and what you actually observed happening. > > I actually have my policy setup like this > <folded copy of config files deleted> > > Is it possible to do what I want? Should be. > Will I need to use ebtables to get what I am looking for? I wouldn't think so. But we'll need a more complete problem report to solve your problem. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Index: Shorewall/Tc.pm
===================================================================
--- Shorewall/Tc.pm (revision 7033)
+++ Shorewall/Tc.pm (working copy)
@@ -449,7 +449,7 @@
$defmark = "${prefix}${defmark}" if $defmark;
- emit "if interface_is_usable $device; then";
+ emit "if interface_is_up $device; then";
push_indent;
@@ -478,7 +478,7 @@
emit 'else';
push_indent;
- emit qq(error_message "WARNING: Device $device not up and configured -- traffic-shaping configuration skipped");
+ emit qq(error_message "WARNING: Device $device is not in the UP state -- traffic-shaping configuration skipped");
emit "${dev}_exists=";
pop_indent;
emit "fi\n";
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
