[PVE-User] Bond0 device for Net interface
Inderjit Singh
sysadmin85 at gmail.com
Sun Oct 9 17:07:27 CEST 2011
Hello,

We are using Shorewall with Proxmox. The issue is that *net to FW* traffic is
not working, but *dmz to FW* is working fine. Our requirement is that all
traffic goes to *Net to FW*. Please provide suggestions.

*/etc/shorewall/zones*

fw      firewall
net     ipv4
dmz     ipv4
loc     ipv4

*/etc/shorewall/interfaces*

#ZONE   INTERFACE   BROADCAST   OPTIONS
net     bond0       detect      routeback,tcpflags,routefilter
dmz     venet0      detect      routeback
dmz     vmbr1       detect      routeback
loc     vmbr0       detect      routeback

*/etc/shorewall/policy*

#$FW    $FW     ACCEPT
$FW     net     REJECT
$FW     dmz     REJECT
$FW     loc     ACCEPT
# From DMZ Policy
dmz     dmz     ACCEPT
dmz     net     ACCEPT
dmz     $FW     DROP    info    1/sec:2
#dmz    loc     REJECT  info
# From Net Policy
net     all     DROP
net     $FW     ACCEPT  info    1/sec:2
#net    dmz     ACCEPT  info    8/sec:30
net     loc     REJECT  info
# From Loc Policy
loc     loc     ACCEPT
loc     $FW     ACCEPT
loc     dmz     REJECT  info
loc     net     ACCEPT  info
# THE FOLLOWING POLICY MUST BE LAST
all     all     REJECT  info

--
Inderjit Singh
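
An added example, not part of the original post: Shorewall reads /etc/shorewall/policy top to bottom and applies the first line that matches a source/destination pair (shorewall-policy(5)), so a small first-match resolver run over the policy lines above shows which line decides net to $FW and which lines never take effect. It is a simplified model (only `all` as a wildcard, the rules file and intra-zone handling ignored), and the function names are hypothetical.

```python
# Constructed sample: the active (non-comment) policy lines from the post, in order.
POLICY = """\
$FW net REJECT
$FW dmz REJECT
$FW loc ACCEPT
dmz dmz ACCEPT
dmz net ACCEPT
dmz $FW DROP info 1/sec:2
net all DROP
net $FW ACCEPT info 1/sec:2
net loc REJECT info
loc loc ACCEPT
loc $FW ACCEPT
loc dmz REJECT info
loc net ACCEPT info
all all REJECT info
"""

def parse(text):
    """Return [(lineno, source, dest, policy)], skipping comments and blanks."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 3:
            entries.append((lineno, fields[0], fields[1], fields[2]))
    return entries

def matches(pattern, zone):
    # Assumption: "all" matches every zone, including the firewall zone.
    return pattern == zone or pattern == "all"

def effective(entries, src, dst):
    """First entry matching src -> dst wins; later matches are ignored."""
    for entry in entries:
        if matches(entry[1], src) and matches(entry[2], dst):
            return entry
    return None

def shadowed(entries):
    """Specific entries that are pre-empted by an earlier matching line."""
    out = []
    for entry in entries:
        if entry[1] == "all" or entry[2] == "all":
            continue
        winner = effective(entries, entry[1], entry[2])
        if winner is not entry:
            out.append((entry, winner))
    return out
```

Calling `shadowed(parse(POLICY))` lists each pre-empted line together with the earlier line that wins; a specific policy only takes effect when it appears before any wildcard line that covers the same pair.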