From 8041569f14fd548ee3d48a9fbdc408e8543ca2f9 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sun, 10 Oct 2010 08:28:38 -0700 Subject: [PATCH] Revise Vserver article --- docs/Vserver.xml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/Vserver.xml b/docs/Vserver.xml index d1d234391..46ebccdb4 100644 --- a/docs/Vserver.xml +++ b/docs/Vserver.xml @@ -114,7 +114,7 @@ gateway:~#
Vserver Zones - Here is a diagram of the network configuration here at Shorewall.net + This is a diagram of the network configuration here at Shorewall.net during the summer of 2010: @@ -131,6 +131,12 @@ net ipv4 #Internet vpn ipv4 #OpenVPN clients dmz vserver #Vservers + /etc/shorewall/interfaces: + + #ZONE INTERFACE BROADCAST OPTIONS +net eth1 detect dhcp,optional,routefilter=0,logmartians,proxyarp=0,nosmurfs,upnp +... + /etc/shorewall/hosts: #ZONE HOST(S) OPTIONS @@ -160,10 +166,16 @@ vpn ipv6 dmz vserver + /etc/shorewall6/interfaces: + + #ZONE INTERFACE BROADCAST OPTIONS +net sit1 detect tcpflags,forward=1,nosmurfs,routeback +... + /etc/shorewall6/hosts: #ZONE HOST(S) OPTIONS -dmz sit1:[2001:470:e857:1::/64] +dmz sit1:[2001:470:e857:1::/64] Note that I choose to place the Vservers on sit1 (the IPv6 net interface) rather than on eth1. Again, it really doesn't matter