Shorewall users - Apr 2003 - Firewall+DHCP question

Good Morning.

Last week I posted a question about how to set up Shorewall Firewall to coexist
with a DHCP server. I set up three zones and assigned two of them to the
interfaces: net Zone is assigned to eth0 and loc Zone is to eth1. You said that
I shouldn''t type any entries for loc2 Zone (assigned to eth1:1) since
Shorewall can''t recognize an interface named eth1:1, but then How do I
define rules for loc2 Zone if that zone doesn''t "exists".

Shorewall output when starting looks like this:

Determining hosts in zones
net Zone 0.0.0.0/0
loc Zone 0.0.0.0/0
Warning loc2 Zone is empty

- Is the 0.0.0.0/0 line in the net and loc zones is OK?
- Do I have to define rules for loc and loc2 zones specifying subnets?

Best regards and congratulations on the new position!

    Carlos

On Wed, 2 Apr 2003, Carlos Cajina wrote:
> Good Morning.
>
> Last week I posted a question about how to set up Shorewall Firewall to
coexist with a DHCP server. I set up three zones and assigned two of them to the
interfaces: net Zone is assigned to eth0 and loc Zone is to eth1. You said that
I shouldn''t type any entries for loc2 Zone (assigned to eth1:1) since
Shorewall can''t recognize an interface named eth1:1, but then How do I
define rules for loc2 Zone if that zone doesn''t "exists".
>
> Shorewall output when starting looks like this:
>
> Determining hosts in zones
> net Zone 0.0.0.0/0
> loc Zone 0.0.0.0/0
> Warning loc2 Zone is empty
>
> - Is the 0.0.0.0/0 line in the net and loc zones is OK?
> - Do I have to define rules for loc and loc2 zones specifying subnets?
>
Please see http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep@shorewall.net