Göran Höglund
2017-04-04 11:38:52 UTC
Hi
I am trying to understand the logic for defining virtual interfaces (and
VLAN) on an interface towards internet.
I have a setup with three external WAN interfaces and two internal.
I am using lsm to discover and change from an interface with lower mark
to a higher when the lower marked interface fails.
This works fine with no hassle.
My running and working setup:
zones:
fw firewall
lan1 ipv4
bup2 ipv4
bup1 ipv4
lan2 ipv4
net ipv4
interfaces:
bup2 eth5 detect optional
lan2 eth2 detect optional,maclist
bup1 eth3 detect optional
lan1 eth1 detect optional,maclist
net eth0 detect optional
providers:
P_bup2 3 3 main eth5 192.168.0.1 loose,fallback eth1,eth2
P_bup1 2 2 main eth3 192.168.1.1 loose,fallback eth1,eth2
P_net 1 1 main eth0 172.16.0.254 loose,balance eth1,eth2
Then I create a virtual interface on eth0 as eth0:3; the network
settings work fine (when all firewalling is disabled).
I add a zone for the new alias interface in the zones file
virt3 ipv4
I change the definition of eth0 in interfaces to
- eth0 detect optional
Running
shorewall check
ends up in an error:
Checking /etc/shorewall/providers...
ERROR: A provider interface must have at least one associated zone
/etc/shorewall/providers (line X)
eth0 and eth0:3 are on different subnets. I am only interested in using
DNAT on the alias interface and being able to configure the rules between
these interfaces.
So I wonder where I go wrong and what I am missing.
/Göran