Hi, I want to implement wireless access to my dmz and I am not sure how I need to configure shorewall.
On openwrt I have a vlan interface which is bridged with a wireless interface in AP mode: /etc/config/network: ... config interface 'dmz' option ifname 'eth0.300' option proto 'dhcp' option type bridge ... /etc/config/wireless ... option mode 'ap' option network 'dmz' ... Now I am not sure in shorewall what to do?: /zones dmz ipv4 -- /interfaces dmz eth0.300 destonly,dhcp,bridge /policy all+ all+ REJECT -- /interfaces dmz eth0.300 dhcp,bridge /policy dmz $FW ACCEPT $FW dmz ACCEPT -- An other alternative? Basically what is the best way in shorewall to isolate my dmz interface from the other interfaces without filtering traffic! -- /interfaces.annotated # dhcp ... # Note # # If you use Shorewall-perl for firewall/bridging, then you need to # include DHCP-specific rules in shorewall-rules(8). DHCP uses UDP # ports 67 and 68. # Is the following enough?: DHCPfwd(ACCEPT) $FW zonename,zonename,... Thanks in advance for your help!!!:) -Matt ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
