On 11/1/2020 2:06 PM, Witold Tosta wrote: > > W dniu 2020.11.01 o 12:22, Pablo Sebastian Greco pisze: >> On 1/11/20 07:56, Chris Bell wrote: >>> On Saturday, 31 October 2020 21:12:24 gmtpe...@kahn.nu wrote: >>>> Thanks so much for answering! >>>> seems like I have to makee another installation! >>>> Youre the best! >>>> >>>> /peter >>> No you do not require two machines, shorewall and shorewall6 work >>> together, >>> and some of the configuration files can be shared. The problem is >>> that IPv4 and >>> IPv6 require different treatment, so some of the processing can't be >>> shared. >> >> I normally try to symlink as much as I can from one to the other, and >> I put all the IP specific things in "params", so even the rules file >> could be shared. >> >> Pablo >> > Exactly. This is the correct approach. Simply you create symlinks from > one configuration folder ex. from one well configured IPv4 shorewall > /etc/shorewall/some_file to /etc/shorewall6/symlink_of_some_file. You > may symlink rules file, tcrules and others. Overall, IPv6 traffic rules > are very similar to IPv4 from a firewall point of view. Besides of > course "the odd" IPv6 addressing :-) > >
See also (1). 1) https://shorewall.org/SharedConfig.html -- Matt Darfeuille <m...@shorewall.org> Community: https://sourceforge.net/p/shorewall/mailman/message/37107049/ SPC: https://sourceforge.net/p/shorewall/mailman/message/36596609/ Homepage: https://shorewall.org _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
