Marco Romano wrote: > Thanks Tom, > imagine we have eth0 with 10.1.0.0/16 and eth1 with 10.0.0.0/8. > Of course in eth1 I will have all the 10.0.0.0/8 subnets except the > 10.1.0.0/16 one because it is on eth0. > But will shorewall understand this by just using its detectnets feature?
Shorewall doesn't even need the detectnets feature to 'understand' that configuration. Consider the normal two-interface case: eth0 has 0.0.0.0/0 (net) eth1 has 10.1.0.0/16 (loc) 10.1.0.0/16 is a subnet of 0.0.0.0/0 -- your case is no different. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
