Mike Lander wrote: > >> not sure how to config shorewall or if I have this bridge right but >> now there seems to be several ways to config shorewall here >> which shorewall docs should I look at with suse 11.1 and shorewall 4.2.9? >> > I used the shorewall simple bridge since this seem to fit when no traffic > control is needed, Can I still shape traffic? > interfaces > #ZONE INTERFACE BROADCAST OPTIONS > net eth0 detect tcpflags,nosmurfs > loc br0 detect routeback,bridge
You don't need 'bridge'. > > Seemed to simple that all I needed is to edit interfaces > there is nothing in tunnels or zones and I got this error > > Checking /etc/shorewall/masq... > ERROR: Unknown Interface (eth1) : /etc/shorewall/masq (line 18) > so changed that to > > #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC > MARK > eth0 br0 > > Is this all there is to this? Yes. Also why is it not mentioned to change snat for internet > access? from br0 to wan eth0? The two-interface quickstart guide tells you to change /etc/shorewall/masq to match your setup. > On the simple bridge it states > "This example illustrates the bridging of two ethernet devices but the types > of the devices really isn't important" > Not trying to be smart here but I dont feel like have got this right with so > little shorewall config here? That's because it is really very very simple. It is a two-interface basic setup with the local interface being 'br0' rather than an ethernet device. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
