Jerry Vonau wrote: > Felix Bolte wrote: >> is there any way to set up such an environment without having 100 zones and >> interfaces if i have 100 VL > > > Have you looked at the hosts file? > Have a look at parallel zones section at: > http://www.shorewall.net/Multiple_Zones.html > > You want to control traffic based on ip network right? > > Think the zone layout needs a bit of work. You could try something like > in the hosts file: > > eth0.1234 eth0.1234:172.16.10.0/29 > eth0.1235 eth0.1235:172.16.10.8/29 > > while changing interfaces to: > - eth0.1234 172.16.10.7 > - eth0.1235 172.16.10.15 > > Hoping that is the quick fix for you, > > Jerry > > Boy does coffee open the eyes, the vlan defined in the hosts file would be the same a defining it in the interfaces file, so I don't think that will help you. Don't think you could get around having to define all the zones/interfaces for your vlans if you need to control traffic from vlan to vlan.
Sorry for the misleading statement, Jerry ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
