Hi all!
I'm using shorewall 2.2.3 and I got a net device that seems to be a
point-to-point device (that's what ifconfig suggests):
vpnlink Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:aaa.bbb.ccc.ddd P-t-P:aaa.bbb.ccc.ddd Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1300 Metric:1
RX packets:560442 errors:0 dropped:0 overruns:0 frame:0
TX packets:305646 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:728197216 (694.4 Mb) TX bytes:16342074 (15.5 Mb)
In its description the interfaces file says:
BROADCAST
# The broadcast address for the subnetwork to which the
# interface belongs. For P-T-P interfaces, this
# column is left blank.If the interface has multiple
# addresses on multiple subnets then list the broadcast
# addresses as a comma-separated list.
But when I leave the column blank, starting shorewall ends with errors.
#ZONE INTERFACE BROADCAST OPTIONS
net vpnlink norfc1918,routefilter,dhcp,tcpflags
vpn eth0 lll.mmm.nnn.ooo norfc1918,routefilter,dhcp,tcpflags
/etc/init.d/shorewall restart
* Restarting firewall ...
iptables v1.2.11: host/network `norfc1918' not found
Try `iptables -h' or 'iptables --help' for more information.
ERROR: Command "/sbin/iptables -A smurfs -s norfc1918 -j LOG --log-level
info --log-prefix "Shorewall:smurfs:DROP:"" Failed
/etc/init.d/shorewall: line 26: 21172 Terminated
/sbin/shorewall restart >/dev/null
How do I fill in a "blank" properly?
Thank you!
Greetings
Sebastian
--
"What the f*** are we doing out here in the middle of the desert?" - A
foreigner, probably Samoan
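
The iptables error above shows the first option name being passed as a source address, meaning the options list was read as the BROADCAST column. The checker below is an added example, not part of the original post or of Shorewall: it splits interfaces-file rows on whitespace and flags rows where that has happened. It assumes Shorewall's `-` placeholder and `detect` keyword for that column; the function names and sample rows are constructed.

```python
import ipaddress

# Values other than addresses that the BROADCAST column accepts
# (assumption: Shorewall's "-" placeholder and "detect" keyword).
PLACEHOLDERS = {"-", "detect"}

def is_broadcast_value(field):
    """True if field is a placeholder or a comma-separated list of IPv4 addresses."""
    if field in PLACEHOLDERS:
        return True
    try:
        for part in field.split(","):
            ipaddress.IPv4Address(part)
    except ValueError:
        return False
    return True

def check_interfaces(text):
    """Return (line_no, interface, message) for rows whose columns have shifted."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()                 # columns are whitespace-separated
        if len(fields) < 3:
            continue                          # ZONE and INTERFACE only: nothing to shift
        zone, iface, broadcast = fields[:3]
        if not is_broadcast_value(broadcast):
            findings.append((line_no, iface,
                f"BROADCAST column holds {broadcast!r}; use '-' to leave it empty"))
    return findings

# Constructed sample modelled on the rows in the post (documentation-range address).
SAMPLE = """\
#ZONE INTERFACE BROADCAST OPTIONS
net vpnlink norfc1918,routefilter,dhcp,tcpflags
vpn eth0 192.0.2.255 norfc1918,routefilter,dhcp,tcpflags
net vpnlink - norfc1918,routefilter,dhcp,tcpflags
"""

if __name__ == "__main__":
    for line_no, iface, msg in check_interfaces(SAMPLE):
        print(f"line {line_no} ({iface}): {msg}")
```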