-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joe Terranova wrote:> I''m trying to route all traffic from a loopback interface (lo:0)
to my
> vpn interface (ppp0)
>
> this is my zones file:
>
> #ZONE TYPE OPTIONS IN OUT
> # OPTIONS OPTIONS
> fw firewall
> net ipv4
> loc:net ipv4
> vpn ipv4
> lob ipv4
>
> this is my interfaces file:
> #ZONE INTERFACE BROADCAST OPTIONS
> net eth0 255.255.255.0 dchp,routeback
> vpn ppp0 255.255.255.0 dhcp,routeback
> lob lo:0
>
> I have the vpn set up in my tunnels file:
> # TYPE ZONE GATEWAY GATEWAY
> # ZONE
> pptpclient net 0.0.0.0/0 vpn
>
>
> This is the ifconfig for lo:0
> lo:0 Link encap:Local Loopback
> inet addr:172.27.72.64 Mask:255.255.255.255
> UP LOOPBACK RUNNING MTU:16436 Metric:1
>
> Problem 1:
>
> This configuration doesn''t work. I get the following error on
startup:
> ERROR: Invalid Interface Name: lo:0
This is working as designed -- see
http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html.
>
> Problem 2:
> Assuming someone can help me with lo:0, I''d like to redirect all
> traffic from lo:0 (zone lob) to ppp0 (zone vpn), and I''d like the
> traffic to route back.
> I know I can do something similar using providers, but I''ve had a
lot
> of trouble with them, I''d rather just bind programs to
lo:0''s IP
> (172.27.72.64), and I don''t want them to not work at all if the
VPN''s
> down.
I know of no way to do that with Shorewall without using providers.
Because the providers file is the only way to configure routing with
Shorewall (other than a very limited feature of proxy ARP).
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkrkws4ACgkQO/MAbZfjDLLRkACgwRsas4428KJeg0VPgM229c/M
d14An16XBvXjLvwU9EdcjJ4aYBDbl1WB
=xAC8
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference