> > could someone confirm that I would have no loc zone if my only
interface is eth0 connected to a separate router?
>
> You mean, you have a standalone device, which connects to your local
network with one interface (and the router is <somewhere else>) ?
There's a router connected to the WAN and two laptops each connected to the
router. I'm running shorewall on my laptop.
> You can still have a LOC zone, you will want to differentiate between
connections to/from devices on your local network and those that are
remote. IIRC, you'll want to define LOC in terms of IP/netmask.
The docs for shorewall/interfaces say "Each interface may be listed only
once in this file." so how can I define both loc and net since my laptop
communicates to/from both via eth0?
- Grant
> Alternatively, you can have just one zone and define any rules for on-net
traffic to include the local network IP/netmask (or individual machine IP)
if you prefer.
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
