Hi all,
I''m not able to use shorewall for manage a bridge.
I get the following error:
ERROR: BRIDGING=Yes is not supported by Shorewall 4.4.13.3
Same error with version 4.4.11.4
I have read many documents, but I didnt find any solution.
I have test many configuration (managing hosts,interfaces,zones
files), but I get always the same error.
Have I to compile a new kernel? With which options?
I''m using debian squeeze, kernel 2.6.32-5-686
The bridge is very simple:
ifconfig:
br0 Link encap:Ethernet HWaddr 00:06:7b:09:b9:4d
inet addr:192.168.5.107 Bcast:192.168.5.255 Mask:255.255.255.0
...
eth0 Link encap:Ethernet HWaddr 00:18:f3:71:3f:a3
inet6 addr: fe80::218:f3ff:fe71:3fa3/64 Scope:Link
...
eth1 Link encap:Ethernet HWaddr 00:06:7b:09:b9:4d
inet6 addr: fe80::206:7bff:fe09:b94d/64 Scope:Link
..
brctl show
bridge name bridge id STP enabled interfaces
br0 8000.00067b09b94d no eth0
eth1
pan0 8000.000000000000 no
Thanks
Alessandro
------------------------------------------------------------------------------
Virtualization is moving to the mainstream and overtaking non-virtualized
environment for deploying applications. Does it make network security
easier or more difficult to achieve? Read this whitepaper to separate the
two and get a better understanding.
http://p.sf.net/sfu/hp-phase2-d2d
On 10/3/10 12:33 PM, Alessandro Tufi wrote:> Hi all, > I''m not able to use shorewall for manage a bridge. > I get the following error: > > ERROR: BRIDGING=Yes is not supported by Shorewall 4.4.13.3 > > Same error with version 4.4.11.4http://www.shorewall.net/Notices.html#Notice1 http://www.shorewall.net/bridge-Shorewall-perl.html -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Virtualization is moving to the mainstream and overtaking non-virtualized environment for deploying applications. Does it make network security easier or more difficult to achieve? Read this whitepaper to separate the two and get a better understanding. http://p.sf.net/sfu/hp-phase2-d2d
> http://www.shorewall.net/Notices.html#Notice1 > http://www.shorewall.net/bridge-Shorewall-perl.html > > -TomI have read both them before posting but shorewall didn''t work so, misunderstanding the BRIDGING option, I turned it on. Today I check again the shorewall configuration following the instruction, and now It works! I configured the boot too, while yesterday I didn''t (I don''t know if this small modification could make the difference; obviously today I paied attention to all other options too) Thanks Alessandro ------------------------------------------------------------------------------ Virtualization is moving to the mainstream and overtaking non-virtualized environment for deploying applications. Does it make network security easier or more difficult to achieve? Read this whitepaper to separate the two and get a better understanding. http://p.sf.net/sfu/hp-phase2-d2d
On 10/4/10 3:08 AM, Alessandro wrote:>> http://www.shorewall.net/Notices.html#Notice1 >> http://www.shorewall.net/bridge-Shorewall-perl.html >> >> -Tom > > > I have read both them before posting but shorewall didn''t work so, > misunderstanding the BRIDGING option, I turned it on.To avoid future confusion, I''ve removed BRIDGING from the released copies of shorewall.conf. I''ve also deleted PKTTYPE and USE_ACTIONS which are also both obsolete. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Virtualization is moving to the mainstream and overtaking non-virtualized environment for deploying applications. Does it make network security easier or more difficult to achieve? Read this whitepaper to separate the two and get a better understanding. http://p.sf.net/sfu/hp-phase2-d2d