On 12/8/12 1:25 PM, "Grant" <[email protected]> wrote:
>>> > > could someone confirm that I would have no loc zone if my only interface
>>> is eth0 connected to a separate router?
>> >
>> > You mean, you have a standalone device, which connects to your local
>> network with one interface (and the router is <somewhere else>) ?
>
> There's a router connected to the WAN and two laptops each connected to the
> router. I'm running shorewall on my laptop.
>
>> > You can still have a LOC zone, you will want to differentiate between
>> connections to/from devices on your local network and those that are remote.
>> IIRC, you'll want to define LOC in terms of IP/netmask.
>
> The docs for shorewall/interfaces say "Each interface may be listed only once
> in this file." so how can I define both loc and net since my laptop
> communicates to/from both via eth0?
man shorwall-nesting.
Also see http://www.shorewall.net/Multiple_Zones.html which is linked from
the Documentation Index (http://www.shorewall.net/Documentation_Index.html)
with the title "Multiple Zones Through One Interface"
-Tom
You do not need a parachute to skydive. You only need a parachute to skydive
twice.
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
