Hi,
I got an existing solution with shorewall where I can differentiate tun10 from
tun+ as different zone.
For example:
/etc/shorewall/zones
A ipv4
B:A ipv4
/etc/shorewall/interfaces
A tun+
B tun10
Now, I have a requirement to add tun11 to zone B.
When I do this in interfaces config:
A tun+
B tun10,tun11
It doesn't like it (although it's ok when performing shorewall check).
If the above isn't possible, is there an issue of running zone B with tap
interfaces? Is it going to break my existing routing and firewall rules
(because after reading diff between tap and tun, tap is for bridgign)? Or it's
just a straight change over from tun to tap? (I know that I need to remove the
nesting zone as I don't need them anymore).
My shorewall version: perl 4.2.9 with openvpn.
Thank you.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
