Re: [Shorewall-users] vlan tagged interface

Mon, 21 Oct 2013 07:18:55 -0700 

On 10/20/2013 2:41 PM, matt darfeuille wrote:
> Hi,
> 
> I am looking to implement vlan tagged interfaces on a debian 7 box.
> Should they be treated as regular interfaces (eg: 
> /etc/shorewall/interfaces zones eth1.100 ...)?

Yes.

> 
> Can the maclist option in /etc/shorewall/interfaces/hosts be used on 
> virtual interface?: mainly vlan interface and tun interface?

It can be used on a vlan interface, but tun interfaces are
point-to-point so maclist isn't appropriate for those.


> Regarding some feedback for shorewall 4.5.22/4.5.21.2:
> In /etc/shorewall/interfaces it is mentioned "BROADCAST (Optional) - 
> {-|detect|address[,address]...} Only available if FORMAT 1." and it 
> is also  mentioned that format 1 is deprecated in favor of format 2.
> Is there not a dichotomy between the preferred format(format 2) and 
> some pages/examples on the shorewall site which are still using the 
> deprecated format(format 1)!?

Yeah, I'm sure that isn't the only anachronism in the docs.

> So the question would be: is there a way to have an equivalent to the 
> broadcast column using format 2?

No -- the BROADCAST column contents aren't used at all any more; that's
why format 2 was created. When I have some time, I'll make a sweep of
the docs and remove most references to BROADCAST.

Thanks,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to