I have a server configured with one main IP with default gw and a sub-net
as additional IP.

I have created an OpenVZ container configuration with a bridge; attached
is a diagram where you can understand the configuration:

This configuration has:
* main IP as br0 ip and route
* the first IP of the sub-net at br0:0 (as gw for containers)
* OpenVZ special interfaces vethXX.0
  (attached to bridge, one for each container)

And now I wish to configure shorewall ;)

I followed this document:
http://www.shorewall.net/2.0/bridge.html
but I have Shorewall 4.0.14.2

shorewall.conf
BRIDGING=Yes

zones
fw      firewall
net     ipv4
loc     ipv4

policy
fw              net             ACCEPT
loc             net             ACCEPT
net             fw              DROP            info
net             all             DROP            info
all             all             REJECT          info

interfaces
-       br0             70.12.10.191

rules
HTTP/ACCEPT     net             loc

hosts
net             br0:eth0
loc             br0:veth101.0
loc             br0:veth102.0
...
loc             br0:beth105.0


shorewall check:
Shorewall configuration verified

but shorewall start:
Applying Policies...
Activating Rules...
iptables: Invalid argument
   ERROR: Command "/sbin/iptables -A OUTPUT -o br0 -j br0_out" Failed
IP Forwarding Enabled
Terminated

Can you give me a tip on how I can configure shorewall for this bridged
configuration of OpenVZ containers?

Thank you.
Rodolfo Pilas

<<inline: OpenVZ-Shorewall.jpg>>
