Michael Kress wrote: > Cool, thanks for your tip I can confirm it to be working. > So which of the two ways is the preferred way, the two interface way > with proxyarp or the bridge way?
As I've said a couple of times in this thread, I prefer the routed configuration. > I guess as regards to security there's no difference. Actually, the routed configuration gives you more control. You can define fw->net and fw->dmz policies and rules whereas with the bridge, you cannot. > What about future versions of shorewall, which way will be "more > compatible"? Shorewall will always work on a router. > > If you'd like to include my bridge example in the docs, see below. > Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
