LAN server, single ethernet interface. By defining two zones in the shorewall hosts file as:
#ZONE HOST(S) OPTIONS one eth0:10.0.0.0/8 tcpflags,nosmurfs two eth0:10.1.0.0/16 tcpflags,nosmurfs Is this correct? Because zone "two" is a subnetwork of zone "one" will packets arriving from 10.1.0.0/16 addresses always be correctly processed? Is there a chance for the firewall to erroneously process a packet coming from zone "two" (by applying rules for zone "one"?). Does the order in which the zone are defined (in the hosts file or the zones file) make difference in this specific case? Thanks, bye, Marco ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
