-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/10/2011 5:08 PM, groups, freeman wrote: > Sort of a brief, general question, having spent 8 hrs on this and > gotten nowhere. > > I currently have LEAF uC v3.1.1b3 router, with extensive shorewall > rules for eth1 (my LAN). > > If I want to migrate to using OpenVPN, road warrior setup (incl > using bridging and not routing to access the eth1 network), I need > to remove eth1 from my interfaces file and activate br0, I > believe. > > However since all my shorewall rules refer to eth1 I need to > change those to be for br0, yes? > > Just want to confirm that last point since it'll be a pile of work > (incl the fact that I have a eth1:1 interface that'll complicate > things) to do such a switch. > > I guess I could use the routing method, but prefer the bridging > method because I want to use Windows network shares, etc. > > Cheers & thanks for any feedback or tips! > > (And BTW, thanks for LEAF!) I can't comment on bridging with OpenVPN (I use routed IPSec, which *IS* a pain with windows browsing), but it's typically not that big of a deal for me to migrate low-level interfaces. I have a fairly complicated shorewall setup and physical interfaces only appear in three files (hosts, interfaces, and masq). The complex rule definitions then use the zones defined in the hosts and interfaces file, rather than the raw interface name. Perhaps something similar would simplify your transition? - -- Charles Steinkuehler char...@steinkuehler.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6TntQACgkQLywbqEHdNFz0gQCg00CFNqW8gWrEF9h+HsoRzqId 43oAn2WDFhJOczdjmj3BRKSWCjQFB3vC =q2dF -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
