Dear Sirs This problem I saw using version 2.2.2. But I read the /etc/shorewall/proxyarp from version 2.4.3 and I didn''t see changes on the comments. I''m not sure if it was fixed. In fact it''s a cosmetic bug. /etc/shorewall/proxyarp #INTERFACE Local interface where system is connected. If the # local interface is obvious from the subnetting, # you may enter "-" in this column. You can only use "-" in this parameter if HAVEROUTE is "Yes". If it''s "No", INTERFACE must be an interface name. With INTERFACE = "-" and HAVEROUTE = "No", you got: Creating Interface Chains... Configuring Proxy ARP Cannot find device "-" <===Restoring Shorewall... -- Guilsson ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
I add another question on this: Why you would use "-" on INTERFACE column if Shorewall cannot know which subnet the system is ? I think the INTERFACE must be always an interface name. In my setup, first column is always an external (Internet) address. And I have 8 ethernet on the firewall. I must explicit in which subnet the system is. On 9/6/05, Guilsson <guilsson@gmail.com> wrote:> > Dear Sirs > > This problem I saw using version 2.2.2. But I read the > /etc/shorewall/proxyarp from version 2.4.3 and I didn''t see changes on > the comments. I''m not sure if it was fixed. In fact it''s a cosmetic > bug. > > /etc/shorewall/proxyarp > #INTERFACE Local interface where system is connected. If the > # local interface is obvious from the subnetting, > # you may enter "-" in this column. > > You can only use "-" in this parameter if HAVEROUTE is "Yes". > If it''s "No", INTERFACE must be an interface name. > > With INTERFACE = "-" and HAVEROUTE = "No", you got: > > Creating Interface Chains... > Configuring Proxy ARP > Cannot find device "-" <===> Restoring Shorewall... > > -- > Guilsson > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle > Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >
Ok. It was fixed in 2.4.4 (http://www.shorewall.net/News.htm, Item 1) Thanks On 9/6/05, Colorado Informatica <colorado.informatica@gmail.com> wrote:> I add another question on this: > Why you would use "-" on INTERFACE column if Shorewall cannot know which > subnet the system is ? > > I think the INTERFACE must be always an interface name. > > In my setup, first column is always an external (Internet) address. And I > have 8 ethernet on the firewall. I must explicit in which subnet the system > is. > > > On 9/6/05, Guilsson <guilsson@gmail.com> wrote: > > > > Dear Sirs > > > > This problem I saw using version 2.2.2. But I read the > > /etc/shorewall/proxyarp from version 2.4.3 and I didn''t see changes on > > the comments. I''m not sure if it was fixed. In fact it''s a cosmetic > > bug. > > > > /etc/shorewall/proxyarp > > #INTERFACE Local interface where system is connected. If the > > # local interface is obvious from the subnetting, > > # you may enter "-" in this column. > > > > You can only use "-" in this parameter if HAVEROUTE is "Yes". > > If it''s "No", INTERFACE must be an interface name. > > > > With INTERFACE = "-" and HAVEROUTE = "No", you got: > > > > Creating Interface Chains... > > Configuring Proxy ARP > > Cannot find device "-" <===> > Restoring Shorewall... > > > > -- > > Guilsson > > > > > > ------------------------------------------------------- > > SF.Net email is Sponsored by the Better Software Conference & EXPO > > September 19-22, 2005 * San Francisco, CA * Development Lifecycle > Practices > > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > > _______________________________________________ > > Shorewall-users mailing list > > Shorewall-users@lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > >------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl