On 08/06/2017 09:43 AM, Roel de Wildt wrote: > Hi Tom, > > I have installed the ipset utility and the compile errors are gone. But > I can not access the internet from the 10.4.x.x subnet. >
Shorewall zones are defined by both interface and ip addresses. Since gast, net, vpn and lan have distinct interfaces, there is no zone nesting in your configuration. Yet, you have defined zone nesting in the zones file. Please change your zones file to fw firewall net ipv4 lan ipv4 gast ipv4 vpn ipv4 And with the exception of tun+, I don't believe that you want 'routeback' on your interfaces. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
