Hi, I have several internet connections and for convenience I thought it might be useful to group them by "type". So I tried to figure out the correct way to do something like:
zones: fw firewall net ipv4 loc ipv4 eth:net ipv4 wl:net ipv4 ppp:net ipv4 interfaces: eth eth0 detect optional eth eth1 detect optional wl wlan0 detect optional wl wlan1 detect optional ppp ppp0 detect optional ppp ppp1 detect optional However, I get a warning about "net" being empty and my rules aren't behaving the way I expect (everything seems blocked... I have IMPLICIT_CONTINUE=yes) While I debug this, can I just check that the above should work as desired, ie I can set rules from loc/fw to net and those rules will implicitly apply to all the subzones eth/wl/ppp? Basically in this case I just want to use "net" as a group name for all my subzones. (The use case is that I might want to apply policies on classes of interface, eg block voip traffic over the ppp interface, but allow over the wl/eth interfaces) Thanks Ed W ------------------------------------------------------------------------------ Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
