Tom Eastep wrote: >> Please post your interfaces and hosts files. No hosts, interfaces was in the original message. # cat interfaces #ZONE INTERFACE OPTIONS FORMAT 2 net eth2 br eth0 bridge br eth1 bridge
>I ask, because what it looks like is that you have not defined eth0 and >eth1 to Shorewall as bridge ports. So compiler is generating '-i' and >'-o' matches for eth0 which never match when eth0 is a port on a bridge. > >To define it as a bridge port, in your interfaces file: > >z br0 - bridge >- br0:eth0 That'll be it then. Something to try in the morning. I thought it would be something simple ! >Also note that even if you do define eth0 to be a bridge port, when you >place 'eth0' in the DEST column, it will only account for traffic >forwarded from another port on the bridge. That behavior has been in >place since Kernel version 2.6.21. That's OK, it's all I'm interested in - in fact there won't (or shouldn't) be any other traffic.
signature 51.asc
Description: mailforge
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
