Hi everyone,
After some testing, I have a question about an option in
/etc/default/shorewall:
wait_interface
If I add the bridge interface to that line, shorewall will not start
unless a container is brought up. I suppose that is why I was thinking
of bridging the bridge inerface with a tap interface so that it's always
available.
It seems that bridges do not start with ifup (-a) unless one of their
bridged interfaces are up.
Or I could do as Mr. Hobson does and run shorewall in a container. Would
that actually be a more insulated "secure" approach?
Thanks and kind regards,
Simon
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
