Shorewall users - Jan 2003 - Problems with zone definition

Hi!

I have just upgraded from version 1.3.2 to 1.3.13 and noticed some 
strange things. On interface eth2 I have 4 different addresses 
192.168.11.0/24, 192.168.13.0/24, 192.168.102.0/24, 192.168.130.0/24 in 
version 1.3.2 loc zone is defined like this: loc eth2: 192.168.11.0/24, 
.. but in version 1.3.13 0.0.0.0/0 is added at the end on all zones and 
because of that for example machine in network 192.168.13.0/24 can 
connect to some hosts in network 192.168.11.0/24 but to others not. How 
do I get rid of that 0.0.0.0/0 at the end.

Thanks, David

--On Wednesday, January 29, 2003 6:47 PM +0100 David Pristovnik 
<david.pristovnik@klivija.si> wrote:
> Hi!
>
> I have just upgraded from version 1.3.2 to 1.3.13 and noticed some
> strange things. On interface eth2 I have 4 different addresses
> 192.168.11.0/24, 192.168.13.0/24, 192.168.102.0/24, 192.168.130.0/24 in
> version 1.3.2 loc zone is defined like this: loc eth2: 192.168.11.0/24,
> .. but in version 1.3.13 0.0.0.0/0 is added at the end on all zones and
> because of that for example machine in network 192.168.13.0/24 can
> connect to some hosts in network 192.168.11.0/24 but to others not. How
> do I get rid of that 0.0.0.0/0 at the end.
>
Given the above description, I can only GUESS that you have MERGE_HOSTS=Yes 
in shorewall.conf when you either want:

a) MERGE_HOSTS=No; OR
b) (preferred) Replace the zone name in the interfaces file with "-"
for
the zones that have the extra 0.0.0.0/0.

-Tom
--
Tom Eastep   \ Shorewall - iptables made easy
Shoreline,    \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net