On 8/6/2014 4:32 PM, merc1...@f-m.fm wrote: > On Wed, Aug 6, 2014, at 13:21, Tom Eastep wrote: >> I'm still unclear about the topology. Is Shorewall installed on the >> "workstation". Is the Shorewall box the "router" or do you have another >> on-premises router? >> >> The Shorewall system seems to have both an ethernet interface and a >> wireless interface - what are they each connected to? > > Yes, again the eth0 interface is not being used. It's not connected to > anything. wlan0 is what does everything, as per the config files. I > have the config files set that way because that's the only interface > that is used. > > The router is a typical consumer-grade wireless router. > > The Shorewall box is the workstation, which is connected to the > consumer-grade router, which is connected to the internet through its > wan port. The Shorewall box workstation is also communicating with the > rest of the LAN (each machine of which is also running Shorewall) > through the consumer-grade router. The consumer-grade router is the > switch for the LAN, plus it has the internet on WAN. > >>> Interfaces: >>> - lo ignore >>> net all physical=+,routeback,optional >>> >>> Policy: >>> $FW all REJECT info(uid) >>> net all DROP info(uid) >>> local all REJECT info(uid) >>> all all REJECT info(uid) >>> >>> Stoppedrules: >>> #ACCEPT wlan0 - >>> #ACCEPT - wlan0 >>> #ACCEPT eth0 - >>> #ACCEPT - eth0 >>> >>> Zones: >>> fw firewall >>> net ipv4 >>> local ipv4 >>> >>> As I've just reconfigured Shorewall to the new methods, these are my >>> only config files, besides shorewall.conf and rules. >> >> I don't see a definition of the 'local' zone. > > Yes and I get an error with shorewall check for that but I don't know > why. There is no network local to this machine, although there may be > at some point down the line.
You are getting a warning, not an error. The warning reports that the 'local' zone is empty. Please send me privately, the output of 'shorewall dump' as an attachment. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
