On 11/22/10 5:50 PM, Tom Eastep wrote: > On 11/22/10 5:25 PM, lanas wrote: >> Hello, >> >> This is using version 4.4.11.3 (Debian). >> >> The following error occurs: >> >> ERROR: Duplicate Host Group (eth1:10.128.23.34/16) in zone loc : >> >> The configuration is a test config. Commented lines removed to keep >> it clear: >> >> # cat zones >> fw firewall >> loc ipv4 >> >> # cat interfaces >> loc eth1 - >> >> # cat hosts >> loc eth1:10.128.23.34/16 > > You have already declared in the interfaces file that the 'loc' zone > includes all hosts connecting through eth1. So of what possible use is > the entry in hosts?
If you really want to restrict 'loc' to 10.128.0.0/16, then:
interfaces:
- eth1 -
hosts:
loc eth1:10.128.0.0/16 broadcast
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
