[Shorewall-newbies] Re: [Shorewall-users] Crypto API and Shorewall

Tom Eastep teastep at shorewall.net
Wed Jan 21 20:11:04 PST 2004


On Thu, 15 Jan 2004, Tom Eastep wrote:

> III. The requirement to avoid masquerading traffic through tunnels means that
> you can't cleanly define a VPN hub. You would want to be able to have an
> entry in /etc/shorewall/masq as follows:
>
> <ext if>:!<subnet1>,<subnet2>,...	<local if>
>
> Where <subnet<n>> are the remote networks that you are tying together.
>
> Shorewall currently doesn't support such entries.

The version of Shorewall in CVS (Shorewall/ project) now support these
entries.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net


More information about the Shorewall-newbies mailing list