On 3/25/2014 1:01 PM, Axel Zöllich wrote: > If I got this right, I'ld like to bridge ipsec and eth0:223, but how can I > achieve this with shorewall? >
You have it wrong. You basically want to define the subnet twice to Shorewall -- once in an ipsec zone and once in an ipv4 zone. Then allow/deny traffic as needed. First, sure that the traffic flows correctly with Shorewall in the cleared state. Then start Shorewall and adjust the rules/policies as needed. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
