[Shorewall-newbies] Sub-Interface's

[sysop]

>From what I have read Shorewall does not recognize vitual interfaces.  Is my only option to include ip specific rules.  The one thing that attracted me to Shorwall was the fact that I can group my interfaces and apply rules.  If there is something I'm missing, please let me know.  Also,  I installed 2.0 for the first timethe other day.  I added some rules for one of my interfaces by ip address.  I started Shorewall and completely locked myself out of the server.  Unfortuantely, I had to get someone to reboot the server and interrupt the boot to prevent Shorewall from starting.  I need a explicit allow line to allow me to connect in the event my acl is screwed.  I will figure it out while I begin developing my ruleset but would like to make certain that I can connect back.  Thanks in advance.