On Wed, 2011-11-09 at 14:43 -0800, Eric Horst wrote: > For a few years we have been using a configuration for multiple zones > through one interface (actually eth+) using the interfaces and hosts > files. (We've got this on 600+ servers as a modular host-based > firewall.) Many of our hosts have two eth devices. For background > here's existing config: > > /etc/shorewall/interfaces: > - eth+ detect > > /etc/shorewall/hosts: > net eth+:0.0.0.0/0 > uw eth+:$N_ALL_UW_AFFILIATED
So uw is a subzone of net; have you defined it that way in /etc/shorewall/zones? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
