Hi, First of all, I must say thanks again. Tom's setup work great for me :)
However, I'm coming back with a few questions... 1) what means routestopped ? I see in Tom's config file a statements saying : wlan0 192.168.0.0/22 critical Why this ? Why on wlan0 and not on eth0 ? Why critical ? Reading the doc did not give me enougth clues... 2) In interfaces, there in an option for eth0 and wlan0 (eth1 for me) saying : optional This keyword does not seem to be recognized by my version of Shorewall (3.4.4 on Ubuntu Gusty). It is also not documented in my man page. But it does not really hurt, as Shorewall seems to start anyway ... ?! What is it ? 3) In the same file, if I add the maclist option to the tun0 interface, shorewall won't start, has it seem to demand tun0 is up before it starts to use this option. But my tun0 interface is not always up (when I'm on the train or in office for example) So I commented it out, but I liked the idea to restrict vpn to my server mac address... Is there another way ? 4) in rules, what is allowBcast ? I have no such action or macro... What am I missing ? 5) Also I don't have the shorewall-perl package installed, so I let compile=shell. Does it matter ? Also the default setup in Ubuntu uses bash, not dash in shorewall.conf. Should I switch to dash ? What is the deal ? Thanks in advance, Franck Le mardi 06 novembre 2007 à 09:43 -0800, Tom Eastep a écrit : > Franck Routier wrote: > > Great ! Thanks a lot Tom. > > > > I will try this setup and have an attempt to understand how it's done. > > I might come back here to find some enlightenment on what it means, if > > needed :) > > > > Some suggested reading: > > http://www.shorewall.net/Introduction.html > http://www.shorewall.net/standalone.htm > http://www.shorewall.net/configuration_file_basics.htm > http://www.shorewall.net/Manpages.html > http://www.shorewall.net/OPENVPN.html > > -Tom > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Franck Routier Axège Sarl - 23, rue Saint-Simon, 63000 Clermont-Ferrand (FR) Tél : +33 463 059 540 mèl : [EMAIL PROTECTED] ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
