On 02/23/2016 08:38 PM, Subscribe wrote: > Thanks Tom, > > Now have: > > interfaces > ---------------- > ############################################################################### > ?FORMAT 2 > ############################################################################### > #ZONE INTERFACE OPTIONS > net enp9s0 required,logmartians=1,routefilter,sourceroute=0 > vpn tun0 > --------------- > > policy > -------------- > #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST > fw net ACCEPT > fw vpn ACCEPT > net all DROP info > # The FOLLOWING POLICY MUST BE LAST > all all REJECT info > > Nothing vpn specific in rules. > > This (now) doesn't drop/reject any vpn traffic (great), but is it correct? >
Given the difficulty that you had resolving this issue, I think that this is an appropriate configuration for you. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
