[PVE-User] Bond0 device for Net interface
Inderjit Singh
sysadmin85 at gmail.com
Wed Oct 12 14:48:33 CEST 2011
Need more suggestions.....
--
--
Inderjit Singh
On 10/10/2011 12:09 PM, Giuliano Natali wrote:
> Alessandro Briosi wrote:
>> Il 09/10/2011 17:07, Inderjit Singh ha scritto:
>>> Hello ,
>>>
>>> We are using shorewall with Proxmox. Issue is *net to FW* traffic not
>>> working but *dmz to FW* is working fine. Our requirement is all
>>> traffic goes to *Net to FW* . Please provide suggestions.
>> Imho the rule
>>
>> net all DROP
>> must be put after the
>> net $FW ACCEPT
>> net log REJECT
>>
>> Otherwise it's applied before.
> I think the best way to use shorewall is to
> write a policy like
>
> all all DROP info (if you want to see where is the block)
>
> and use the rules to enable the traffic between what you want
>
> Then test the connection
> if shorewall blocks a packet you will find a log like this
>
> shorewall: dmz2net DROP etc. etc
>
> Use this to write the rule
>
> My additional cent to alessandro :-)
>
> Diaolin
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
More information about the pve-user
mailing list