We have a customer that has a "binary accelerator" basically it caches any traffic passing through it. The problem is the traffic is only one way, the return route is not though their tunnel. This causes problems with the firewall because the connection is already establish but not in the connection tracking. If I leave an interface out of /etc/shorewall/interfaces will that the firewall from occurring filtering on that interface? The interfaces in question are vpn tapX interfaces and should be allowed to send any traffic regardless of connection state.
Thanks much, Ryan ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
