On Tue, 2025-02-04 at 01:00 +0200, Tuomo Soini via Shorewall-users wrote: > > https://github.com/FoobarOy/foomuuri/wiki/Configuration#resolve
So that only seems to work on systmed based systems in case, given the .timer unit. Embedded platforms, such as OpenWRT, don't use systemd in any case. > You don't run ansible on target systems, usually. https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html#:~:text=Most%20Ansible%20modules%20that%20execute,is%20executed%20for%20that%20host > If you define masquerade only for ipv4 addresses, it is only for > ipv4. > > https://github.com/FoobarOy/foomuuri/wiki/Configuration#snat I probably don't have enough context to properly understand that. But honestly, looking at the syntax you are pointing me to, so many references to interfaces in rules and whatnot, this does not look like much of an abstraction over netfilter/iptables/nft/etc. Shorewall offered that abstraction, allowing me to relate interfaces to zones and then deal with rules in terms of zones. But again, I might need a more wholistic look at foomuuri to more fully understand it. But then again, the lack of ease of use or even just policy deployment on low-powered, embedded systems (i.e. shorewall remote-reload …) might preclude foomuuuri in any case. Cheers, b. _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
