On 02/06/2014 01:33 PM, Simon Hobson wrote: > Jan Hoersch <[email protected]> wrote: > >> Sorry for the misconception, but we are not using the vif name in our rules. >> There's one host configured with the ip adresses. (see /etc/shorewall/hosts) >> The rules are using: domu:<ip> to firewall individual guests >> ACCEPT all domu:10.1.2.153 tcp 80,443 >> # http/https > And what is "domu" defined as (interfaces and zones files) ?
"domu" is an ipv4 zone with hosts which are configured in /etc/shorewall/hosts (last mail) the only interface configured is the bridge xenbr0. ------------------------------ /etc/shorewall/zones fw firewall domu ipv4 net ipv4 ----------------------------- /etc/shorewall/interfaces net xenbr0 detect dhcp,bridge,routeback ------------------------------ ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
