Thanks for the reply Tom,

> The document you have been reading applies to the Shorewall 3.x series;
> hopefully, you are running Shorewall 4.4 on Fedora 15.

My apologies, I missed that. I had though already tried the main shorewall-perl configuration and had the same result. I then stumbled across the v3 docs, and believed that was the correct doc as it covered my kernel version and 'newbridge'.

>> Rules:
> That isn't the rules file

Sorry, typo

> And your fw->net policy is REJECT

Yes, I knew this, I wanted to get the firewall bridge working then worry about the rest.

I have now gone back to the main documentation - http://www.shorewall.net/bridge-Shorewall-perl.html, but am still having the same issue. I cannot restrict any traffic between the net and loc zones on either side of the bridge. I can control traffic to/from the bridge using world zone, but nothing else.

My config: FC 15 2.6.38.6-27, Shorewall 4.4.17.

Zones -
#ZONE       TYPE      OPTIONS  IN  OUT
fw          firewall
world       ipv4
net:world   bport
loc:world   bport

Policy -
#SOURCE  DEST  POLICY  LOG   LIMIT:  CONNLIMIT:
loc      net   ACCEPT
$FW      all   ACCEPT
net      all   DROP    info
all      all   REJECT  info

Interfaces -
#ZONE   INTERFACE  BROADCAST  OPTIONS
world   br0        detect     bridge
net     br0:em1
loc     br0:em2

Rules -
SSH/ACCEPT  world  $FW

Thanks in advance
David