On Wed, Apr 02, 2008 at 10:10:19AM -0700, Tom Eastep wrote: > shacky wrote: >> I'm configuring Shorewall on a server running VMWare which is using >> bridged interfaces to the virtual machines. >> How I have to setup the rules for the virtual, which have an own IP >> address on the bridged interface of VMWare? > > Unless VMware has changed since I last ran it, you can't. When I ran > VMware, its bridging was invisible to the host IP stack. KVM, on the > other hand, uses standard Linux bridges and is easy to integrate with > Shorewall.
I could not wring any sense out of the question, but vmware's so-called "host only" network connection is equivalent to a network card in the guest and one in the host, connected back to back. From there you configure the host like any other router. "Bridged" mode is *by definition* invisible to the host. Its sole purpose is to bypass the host's network layer and dump frames directly onto the wire. (The vmware host application also has a lame "NAT" mode which is "host only" mode plus a userspace IP proxy running on the host; it sounds impressive to marketdroids but it's pathetic compared to what linux can do natively) ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
