[Shorewall-users] problem with aliased interface

Wed, 20 Jun 2012 14:40:04 -0700

I recently added a new subnet to my existing network that is behind a firewall running Shorewall 4.4.16.1. I am attempting to allow traffic to route between the two subnets. The subnets are defined as per what is seen in ifconfig here: 

[root@fw10g shorewall]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1B:21:84:AF:04
inet addr:129.116.190.250 Bcast:129.116.190.255 Mask:255.255.255.0 
          inet6 addr: fe80::21b:21ff:fe84:af04/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:893909525 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1079210487 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
RX bytes:740527359996 (689.6 GiB) TX bytes:1270877098736 (1.1 TiB) 

eth0:0    Link encap:Ethernet  HWaddr 00:1B:21:84:AF:04

          inet addr:129.116.65.225  Bcast:129.116.65.255  
Mask:255.255.255.224

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

when looking at the current documentation from

http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html


it states that you can modify the /etc/shorewall/interfaces file to 
include the following (modified from the docs to use my two subnets):


loc         eth0       129.116.190.255,129.116.65.255*routeback*



however, when I attempt to compile shorewall with this configuration I 
get this message:


Compiling /etc/shorewall/interfaces...

   WARNING: Shorewall no longer uses broadcast addresses in rule 
generation when Address Type Match is available : 
/etc/shorewall/interfaces (line 11)



in a google search I found that you can supposedly modify the line above 
and replace "routeback" with either "-" or "detect", but neither of 
those work.  Does anyone know how current versions of shorewall handle 
aliased interfaces?


Thanks.

Steve Williams

--


                     '''
                    (O O)
 ,-------------- oOO-(_)-OOo -------------,
 |            Stephen Williams            |
 |      Manager of Computer Services      |
 |       Center for Space Research        |
 |     University of Texas at Austin      |
 |     3925 W. Braker Ln., Suite 200      |
 |          Austin, TX 78759-5321         |
 |    512.471.7235  512.471.3570 (fax)    |
 |       [email protected]          |
 |____________________ Oooo ______________|
                oooO   (   )
               (   )    ) /
                \ (    (_/
                 \_)








Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users






















					Reply via email to