Rodolfo Pilas wrote: > I have a server configured with one main IP with defaul gw and a sub-net > as additional IP. > > I have create a OpenVZ container configuration with a bridge, attached > is a diagram where you can understand configuration: > > This configuration has: > * main IP as br0 ip and route > * the first IP of the sub-net at br0:0 (as gw for containers) > * OpenVZ special interfaces vethXX.0 > (attached to bridge, one for each container) > > And now I wish to configure shorewall ;) > > I follow this document: > http://www.shorewall.net/2.0/bridge.html > but I have Shorewall 4.0.14.2
Which will never work! To configure a bridge/firewall when using kernel 2.6.20 or later, you must use other techniques. This is spelled out in large bold letters on the Shorewall home page: http://www.shorewall.net#Notice1 ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
