search for: vpn2wlan

...zone shorewall add eth1:192.0.2.1 vpn Which will generate this ruleset after previous one. - -A eth1_dynf -s 192.0.2.1 -d 10.10.0.0/255.255.255.0 -o eth0 -j vpn2vpn - -A eth1_dynf -s 192.0.2.1 -o eth1 -j vpn2dmz - -A eth1_dynf -s 192.0.2.1 -o eth0 -j vpn2net - -A eth1_dynf -s 192.0.2.1 -o eth1 -j vpn2wlan - -A eth1_dynf -d 192.0.2.1 -o eth1 -j wlan2all Ok. Problem lies here: when a packet comes from 192.0.2.1 and want to go to 10.10.0.1 both in vpn zone, wlan2all zone REJECT policy hits in _before_ vpn2vpn policy. - -A eth1_dynf -d 10.10.0.0/255.255.255.0 -o eth0 -j wlan2all - -A eth1_dynf -s 192...