Michael Weickel - iQom Business Services GmbH wrote: > OK - I figured out what it is but maybe someone can give an explanation > here. > > If I use he multiple zones configuration I have to do in addition > > Hosts > > v3005 vlan3005:0.0.0.0/0 > > And of course this seems to be very logic since this means all ip´s on the > internet. > > But I am still confused a lot why this is the first time I have to do it > after using Shorewall over years without to be forced to say 0.0.0.0/0. > > If I use non-multiple configuration it works perfectly as well without the > need to configure 0.0.0.0/0 but the broadcast of the subnet, linked to the > next-hop pointing Shorewall to the public internet. > > So from my side there stays nothing against configuring 0.0.0.0/0 in > multiple zones but I am still interested why the need occurs in my special > environment. > > Any help would be appreciated.
I suspect that in the past you have been specifying a zone name rather than '-' in the ZONE column of /etc/shorewall/interfaces in addition to an entry in /etc/shorewall/hosts. That has the same effect as putting 0.0.0.0/0 in the /etc/shorewall/hosts file. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
