Hi,
I got an existing solution with shorewall where I can differentiate tun10 from
tun+ as different zone.
For example:
/etc/shorewall/zones
A ipv4
B:A ipv4
/etc/shorewall/interfaces
A tun+
B tun10
Now, I have a requirement to add tun11 to zone B.
When I do this in interfaces config:
A tun+
B tun10,tun11
It doesn''t like it (although it''s ok when performing shorewall
check).
If the above isn''t possible, is there an issue of running zone B with
tap interfaces? Is it going to break my existing routing and firewall rules
(because after reading diff between tap and tun, tap is for bridgign)? Or
it''s just a straight change over from tun to tap? (I know that I need
to remove the nesting zone as I don''t need them anymore).
My shorewall version: perl 4.2.9 with openvpn.
Thank you.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what''s new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
