Simon Hobson wrote: > > Comparing the two, am I right in thinking that it's the ability to > define zones based on physical device that is removed ? Hence the > change from : > >> #ZONE HOST(S) OPTIONS >> net br0:eth0 >> loc br0:eth1 >> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE > > to > >> #ZONE HOST(S) OPTIONS >> loc br0:192.168.1.0/24!192.168.1.10/31,192.168.1.254 >> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE
You are correct. In kernel 2.6.20, the Netfilter Physdev Match capability has been scaled back to the point that it is no longer suitable for use in defining Shorewall zones. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
