Re: [Shorewall-users] Restricting intra-LAN traffic

2018-02-22 Thread Tom Eastep
On 02/22/2018 06:08 PM, James Andrewartha wrote: > On 23/02/18 10:01, Tom Eastep wrote: >> On 02/22/2018 05:39 PM, Spyros Stathopoulos wrote: >>> As there is no access control >>> from the device itself I can only limit the connection from shorewall. >> >> The value in defining multiple zones

Re: [Shorewall-users] Restricting intra-LAN traffic

2018-02-22 Thread James Andrewartha
On 23/02/18 10:01, Tom Eastep wrote: > On 02/22/2018 05:39 PM, Spyros Stathopoulos wrote: >> As there is no access control >> from the device itself I can only limit the connection from shorewall. > > The value in defining multiple zones within a LAN is to define different > rules/policies

Re: [Shorewall-users] Restricting intra-LAN traffic

2018-02-22 Thread Tom Eastep
On 02/22/2018 05:39 PM, Spyros Stathopoulos wrote: > Greetings, > I am facing what I initially thought to be a simple matter however it is > now troubling me more than it should. > > I have setup shorewall to a pretty much standard Two-Interface > configuration [0]. My LAN is 10.0.1.0/24. As per

[Shorewall-users] Restricting intra-LAN traffic

2018-02-22 Thread Spyros Stathopoulos
Greetings, I am facing what I initially thought to be a simple matter however it is now troubling me more than it should. I have setup shorewall to a pretty much standard Two-Interface configuration [0]. My LAN is 10.0.1.0/24. As per the guide I have defined three zones, net, loc and fw and as it

Re: [Shorewall-users] preliminary query about wireguard.io (wg0) and shorewall config

2018-02-22 Thread Tom Eastep
On 02/22/2018 09:15 AM, Zenny wrote: > On Thu, Feb 22, 2018 at 6:09 PM, Zenny > wrote: > > On Wed, Feb 21, 2018 at 8:28 PM, Tom Eastep > wrote: > > Resending this, as the

[Shorewall-users] Shorewall 5.2.0 Beta 1

2018-02-22 Thread Tom Eastep
Shorewall 5.2.0 Beta 1 is now available for download. Problems Corrected: 1) This release includes defect repair through Shorewall 5.1.12.1. 2) Under rare rare circumstances, syn flood limiting specified in a policy was previously not enforced by the generated ruleset. That has been

Re: [Shorewall-users] preliminary query about wireguard.io (wg0) and shorewall config

2018-02-22 Thread Zenny
On Thu, Feb 22, 2018 at 6:09 PM, Zenny wrote: > On Wed, Feb 21, 2018 at 8:28 PM, Tom Eastep wrote: > >> Resending this, as the SF mail list problems seemed to have lost the >> original. >> >> On 02/19/2018 11:36 PM, Zenny wrote: >> > Hi, >> > >> > I

Re: [Shorewall-users] preliminary query about wireguard.io (wg0) and shorewall config

2018-02-22 Thread Zenny
On Wed, Feb 21, 2018 at 8:28 PM, Tom Eastep wrote: > Resending this, as the SF mail list problems seemed to have lost the > original. > > On 02/19/2018 11:36 PM, Zenny wrote: > > Hi, > > > > I am planning to add wireguard.io interface (wg0) > > to the