On 10/7/23 05:20, Christophe PEREZ wrote:
Hi,
I've been going around in circles for several days without finding a
solution, although I have read the docs in every direction and done
multiple searches.
I am unable to use dynamic zones with shorewall.
I'm using Gentoo, and my kernel is compiled
You're right, that's not an answer :D
But thanks anyway.
I finally achieved this with a very empirical method.
The details are here:
https://forums.gentoo.org/viewtopic-p-8804101.html#8804101
Le samedi 07 octobre 2023 à 10:16 +0200, Matt Darfeuille a écrit :
> Not realy an answer but have a look
Now that I have finally managed to activate the dynamic zones, I would
like to be able to use them to allow ssh access to my FW on the fly.
I only have one interface: eth0
zones:
fw firewall
net ipv4
sshok:net ipv4dynamic_shared
hosts:
sshok et
Seems I just needed a line added in policy
sshok all CONTINUE
Le samedi 07 octobre 2023 à 19:24 -0400, Christophe PEREZ a écrit :
> Now that I have finally managed to activate the dynamic zones, I
> would
> like to be able to use them to allow ssh access to my FW on the fly.
Or better yet, just replace the ssh accept rule with:
SSH(ACCEPT) sshok fw
Like this you won't need that like in the policy file.
On Sun, 8 Oct 2023, 04:23 Christophe PEREZ, wrote:
> Seems I just needed a line added in policy
> sshok all CONTINUE
>
> Le samedi 07 octobre
