On Sat, 8 Sep 2012, Tom Eastep wrote: > On 9/8/12 2:06 PM, Steve Thompson wrote: >> I would have expected the "net1 net2 ACCEPT" and "net2 net1 ACCEPT" >> policies to allow this, since the KVM machine is logically attached to >> both networks. Since it doesn't work, I am missing something. I have tried >> using the bridge option in the interfaces file to no effect. I'd >> appreciate it if someone can give me a clue. > > Shorewall FAQ 17 and look for <interface>_rec
Thanks for the pointer, but I don't think that it helps me (or I just don't understand how it helps me). I do use the maclist option on the firewall's interfaces, and I do have a maclist file that lists all relevant MAC addresses, but even if I remove the maclist option from all of the network interfaces altogether, it still doesn't change anything. Steve ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
