Hi all,

at the office my colleague and I have configured an Ubuntu Server 10.04 with OpenVPN (2.1~rc19-1ubuntu2) in bridged mode and shorewall 4.2.10-1. Here is a schematic representation: http://img155.imageshack.us/img155/8264/netb.jpg

The Ubuntu host is in the LAN; it has several interfaces but only one is working (eth0), and it is not connected directly to the router/modem. The eth0 interface is bridged to the tap0 (virtual) interface in the br0 interface. br0 has the private IP 192.168.100.3. On the router/modem there's a 1-to-1 NAT of a static public IP to the Ubuntu server machine (89.x.y.z -> 192.168.100.3).

Actually, several road warriors connect to the office LAN and the related shares (this is why bridged mode is needed). I've read the documents on the Shorewall web site and now I'm confused about several questions.

Some questions:

- From the OpenVPN docs I know that in bridged mode the br0 interface must not be firewalled. So in my case, is a firewall useless?
- Anyway, using Shorewall, is it correct to put in the interfaces file, for zone/interface/broadcast/options, only the line "lan br0 192.168.100.255 routeback" with no net zone?

My doubt is: if I must not firewall the br0 interface, I have to put in the policy file the ACCEPT policy for lan->net and net->lan, and consequently have no control at all.

Any advice to clarify these doubts?

Thanks,
Marco
