On Fri, Apr 04, 2008 at 04:51:10PM -0700, Steve Lamb wrote: > On Fri, April 4, 2008 9:54 am, Andrew Sackville-West wrote: > > On Fri, Apr 04, 2008 at 09:17:46AM -0700, Steve Lamb wrote: > >> Something in the process I am missing is. I have to be missing > >> something since my configuration, especially this single ethernet > >> card test, should work. I can't find any glaringly obvious > >> difference from the many examples I've seen and my configurations. > >> Thank you for discussing it with me, however, since sometimes just > >> having a sounding board will get the ol' synapses firing. :) > > I think there is something here. Do you, or anyone, know if telling > Shorewall not to load in /etc/defaults/shorewall mean everything is wide > open or that it loads some set which only allows those interfaces with > routestopped to talk? If it is the latter that might be the problem > since only eth0 and eth1 are in my shorewall configuration and neither > of those are actively in use under Dom0.
so far as I know, having shorewall turned off in /etc/defaults/shorewall completely prevents it from running. So you would be left with bog standard iptables setup -- wide open. A
signature.asc
Description: Digital signature
