Dear all, i''m running shorewall with 3 interfaces: eth0: DMZeth1: ISPeth3: LAN I need to add a wifi zone that will work on a virtual interface eth0:1 following this link: http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html i''ve done the following: /etc/shorewall/host dmz eth0:192.168.30.0/24wifi eth0:192.168.40.0/24 /etc/shorewall/interfaces###############################################################################FORMAT 2################################################################################ZONE INTERFACE OPTIONSnet eth1 tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0loc eth3 tcpflags,dhcp,nosmurfs,routefilter,logmartians- eth0 - /etc/shorewall/masq###############################################################################INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARKeth1 192.168.10.0/24,\ 192.168.30.0/24,\ 192.168.40.0/24 /etc/shorewall/zones################################################################################ZONE TYPE OPTIONS IN OUT# OPTIONS OPTIONSfw firewallnet ipv4loc ipv4dmz ipv4wifi ipv4 But when i do "shorewall restart" i recieve warnings that both wifi and dmz zones are EMTPY as such: Determining Hosts in Zones... WARNING: *** dmz is an EMPTY ZONE *** WARNING: *** wifi is an EMPTY ZONE *** Any explanation on why is that happening? ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
On 12/5/2013 4:06 AM, Roland RoLaNd wrote:> Dear all, > > i''m running shorewall with 3 interfaces: > > eth0: DMZ > eth1: ISP > eth3: LAN > > I need to add a wifi zone that will work on a virtual interface eth0:1 > > following this > link: http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html > > i''ve done the following: > > /etc/shorewall/host > dmz eth0:192.168.30.0/24 > wifi eth0:192.168.40.0/24 >The filename is ''hosts'', not ''host''. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
i had it set as hosts though shorewall wouldn''t restart, i just tested on my home server and it worked.i''ll investigate further more when i get back to the office. thanks for the headsup. PS: if i wanted to add options to those interfaces such as logmartians,etc.. i do so in the "hosts" file ? Date: Thu, 5 Dec 2013 07:05:30 -0800 From: teastep@shorewall.net To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] Warning empty zone - virtual interface On 12/5/2013 4:06 AM, Roland RoLaNd wrote:> Dear all, > > i''m running shorewall with 3 interfaces: > > eth0: DMZ > eth1: ISP > eth3: LAN > > I need to add a wifi zone that will work on a virtual interface eth0:1 > > following this > link: http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html > > i''ve done the following: > > /etc/shorewall/host > dmz eth0:192.168.30.0/24 > wifi eth0:192.168.40.0/24 >The filename is ''hosts'', not ''host''. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
On 12/6/2013 11:57 PM, Roland RoLaNd wrote:> i had it set as hosts though shorewall wouldn''t restart, i just tested > on my home server and it worked. > i''ll investigate further more when i get back to the office. thanks for > the headsup. > > PS: if i wanted to add options to those interfaces such as > logmartians,etc.. i do so in the "hosts" file ? >Interfaces. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk