thr3ads.net - Shorewall users - names of interfaces [Sep 2010]

If this information is useful, please help other people find it:
Share via:

peasthope@shaw.ca

2010-Sep-01 01:18 UTC

names of interfaces

Folk,

Quoting from
"http://www.shorewall.net/manpages/shorewall-nesting.html",
"The preferred way [to distinguish zones having ppp interfaces] is 
to use the ifname pppd option to change the ''net'' interface to
something other than ppp0. That way, it won''t match ppp+."

With a rudimentary skill in udev rules, I''ll hypothesize that 
renaming by udev is also satisfactory; and it applies to other 
interfaces as well.  This is on my Linux router.

# dalton:/etc/shorewall/interfaces
#ZONE   INTERFACE       BROADCAST       OPTIONS
net     eth0            detect          ...
loc     eth1            detect          ...
loc     eth3            detect          ...
loc     eth5            detect          ...
loc     ppp+
# This is for the openvpn tunnel.
vpn     tun0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

With eth0 renamed to NetEth and ethn renamed to LocEthn 
for all n, this would be a tidy interfaces.

# dalton:/etc/shorewall/interfaces
#ZONE   INTERFACE       BROADCAST       OPTIONS
net     NetEth          detect          ...
loc     LocEth+         detect          ...
loc     ppp+
# This is for the openvpn tunnel.
vpn     tun0
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Adding another LocEthn wouldn''t require a change in
/etc/shorewall/interfaces.

Regards,          ... Peter E.

-- 
VoIP 7785886232 is gone.  Please use 13604502132.
Sparcstation 2 netboots netbsd; installation pending.
Personal site works;  http://members.shaw.ca/peasthope/ .


------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:

Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd

Jerry Vonau

2010-Sep-01 09:33 UTC

head link

Re: names of interfaces

On Tue, 2010-08-31 at 18:18 -0700, peasthope@shaw.ca
wrote:> Folk,
> 
> Quoting from
"http://www.shorewall.net/manpages/shorewall-nesting.html",
> "The preferred way [to distinguish zones having ppp interfaces] is 
> to use the ifname pppd option to change the ''net''
interface to
> something other than ppp0. That way, it won''t match ppp+."
> 
> With a rudimentary skill in udev rules, I''ll hypothesize that 
> renaming by udev is also satisfactory; and it applies to other 
> interfaces as well.  This is on my Linux router.
> 
> # dalton:/etc/shorewall/interfaces
> #ZONE   INTERFACE       BROADCAST       OPTIONS
> net     eth0            detect          ...
> loc     eth1            detect          ...
> loc     eth3            detect          ...
> loc     eth5            detect          ...
> loc     ppp+
> # This is for the openvpn tunnel.
> vpn     tun0
> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
> 
> With eth0 renamed to NetEth and ethn renamed to LocEthn 
> for all n, this would be a tidy interfaces.
> 
> # dalton:/etc/shorewall/interfaces
> #ZONE   INTERFACE       BROADCAST       OPTIONS
> net     NetEth          detect          ...
> loc     LocEth+         detect          ...
> loc     ppp+
> # This is for the openvpn tunnel.
> vpn     tun0
> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
> 
> Adding another LocEthn wouldn''t require a change in
/etc/shorewall/interfaces.
> 
> Regards,          ... Peter E.
How about a sample of the udev rules that you wrote?

Jerry


------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:

Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd

Shorewall users - Sep 2010 - names of interfaces

names of interfaces

Re: names of interfaces