W dniu 2020.11.01 o 12:22, Pablo Sebastian Greco pisze:
On 1/11/20 07:56, Chris Bell wrote:
On Saturday, 31 October 2020 21:12:24 [email protected] wrote:
Thanks so much for answering!
seems like I have to makee another installation!
Youre the best!
/peter
No you do not require two machines, shorewall and shorewall6 work together,
and some of the configuration files can be shared. The problem is that IPv4 and
IPv6 require different treatment, so some of the processing can't be shared.
I normally try to symlink as much as I can from one to the other, and
I put all the IP specific things in "params", so even the rules file
could be shared.
Pablo
Exactly. This is the correct approach. Simply you create symlinks from
one configuration folder ex. from one well configured IPv4 shorewall
/etc/shorewall/some_file to /etc/shorewall6/symlink_of_some_file. You
may symlink rules file, tcrules and others. Overall, IPv6 traffic rules
are very similar to IPv4 from a firewall point of view. Besides of
course "the odd" IPv6 addressing :-)
Best regards,
Witek
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
