Tom Eastep wrote: > Shorewall Guy wrote: > >> Robert Moskowitz wrote: >> >>> OK, I am reading the man page on zones and don't get something about >>> parent zones. >>> >>> >>> How can a zone have more than one parent, if one is not a 'grandparent'? >>> >>> The example is given: >>> >>> #ZONE TYPE OPTIONS IN OPTIONS OUT OPTIONS >>> a ipv4 >>> b ipv4 >>> c:a,b ipv4 >>> >>> How can a and b both be parents of c if neither a or b is a parent of >>> the other? >>> >>> I am looking at this in light of a grandparent would be 'the world': >>> 0.0.0.0/0, the parent rfc1918's 192.168.0.0/24, and the child >>> 192.168.32.64/26? >>> >> zones: >> >> a >> b >> c:a,b >> >> hosts: >> >> a eth0:192.168.1.0/24 >> b eth0:192.168.2.0/24 >> c eth0:192.168.1.0/23 >> c eth0:192.168.2.0/23 >> > > Shorewall-guy meant: > > hosts: > > a eth0:192.168.1.0/24 > b eth0:192.168.2.0/24 > c eth0:192.168.1.0/25 > c eth0:192.168.2.0/25
This is important in itself, as I know learn in hosts, I can define a zone to consist of a number of disjoint CIDR blocks. This is not presented in the man page for hosts. This changes my approach significantly, as I do have disjoint CIDR blocks for my internal network, some public subnets and some RFC1918 nets. Thank you for this. ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
