Hi,
I am looking to implement vlan tagged interfaces on a debian 7 box.
Should they be treated as regular interfaces (eg:
/etc/shorewall/interfaces zones eth1.100 ...)?
Can the maclist option in /etc/shorewall/interfaces/hosts be used on
virtual interface?: mainly vlan interface and tun interface?
I read the shorewall alias page along with the shorewall maclist/mac
verification page but I have still some doubts about whether the
maclist option can be implemented on vlan/tun interface or not?
Regarding some feedback for shorewall 4.5.22/4.5.21.2:
In /etc/shorewall/interfaces it is mentioned "BROADCAST (Optional) -
{-|detect|address[,address]...} Only available if FORMAT 1." and it
is also mentioned that format 1 is deprecated in favor of format 2.
Is there not a dichotomy between the preferred format(format 2) and
some pages/examples on the shorewall site which are still using the
deprecated format(format 1)!?
from http://www.shorewall.net/dhcp.htm :
"If you don't know the subnet address in advance, you should specify
"detect" for the interface's subnet address in the
/etc/shorewall/interfaces"= format 1?
So the question would be: is there a way to have an equivalent to the
broadcast column using format 2?
matt
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
