extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-01 11:26:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update Simple Bridge article for 5.0

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-02-19 09:46:23 -08:00
parent ce47ea7ec7
commit 60f319a718
1 changed files with 9 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/SimpleBridge.xml
View File

@ -86,7 +86,7 @@
<para>The following diagram shows a firewall for two bridged LAN <para>The following diagram shows a firewall for two bridged LAN
segments.</para> segments.</para>
<graphic align="center" fileref="images/SimpleBridge.png" valign="middle" /> <graphic align="center" fileref="images/SimpleBridge.png" valign="middle"/>
<para>This is fundamentally the Two-interface Firewall described in the <para>This is fundamentally the Two-interface Firewall described in the
<ulink url="two-interface.htm">Two-interface Quickstart Guide</ulink>. The <ulink url="two-interface.htm">Two-interface Quickstart Guide</ulink>. The
@ -108,10 +108,11 @@
<para><filename>/etc/shorewall/interfaces</filename>:</para> <para><filename>/etc/shorewall/interfaces</filename>:</para>
<programlisting>#ZONE INTERFACE BROADCAST OPTIONS <programlisting>?FORMAT 2
net eth0 detect ... #ZONE INTERFACE OPTIONS
loc <emphasis role="bold">br0</emphasis> 10.0.1.255 <emphasis net eth0 ...
role="bold">routeback</emphasis>,...</programlisting> loc <emphasis role="bold">br0</emphasis> <emphasis
role="bold">routeback,bridge</emphasis>,...</programlisting>
<para>So the key points here are:</para> <para>So the key points here are:</para>
@ -128,8 +129,9 @@ loc <emphasis role="bold">br0</emphasis> 10.0.1.255 <
</listitem> </listitem>
<listitem> <listitem>
<para>The <emphasis role="bold">routeback</emphasis> option is <para>The <emphasis role="bold">routeback</emphasis> and <emphasis
specified for <filename class="devicefile">br0</filename>.</para> role="bold">bridge</emphasis> options is specified for <filename
class="devicefile">br0</filename>.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -138,13 +140,6 @@ loc <emphasis role="bold">br0</emphasis> 10.0.1.255 <
</listitem> </listitem>
</itemizedlist> </itemizedlist>
<para><emphasis role="bold">Note to Shorewall-perl users</emphasis>: You
should also specify the <emphasis role="bold">bridge</emphasis>
option:<programlisting>#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect ...
loc <emphasis role="bold">br0</emphasis> 10.0.1.255 <emphasis
role="bold">routeback,bridge</emphasis>,...</programlisting></para>
<para>Your entry in <filename>/etc/shorewall/masq</filename> should be <para>Your entry in <filename>/etc/shorewall/masq</filename> should be
unchanged:</para> unchanged:</para>