Mail archive
alpine-devel

Re: [alpine-devel] awall - forward to/from same port

From: Jeremy Thomerson <jeremy_at_thomersonfamily.com>
Date: Wed, 26 Sep 2012 09:32:43 -0500

On Wed, Sep 26, 2012 at 9:10 AM, Kaarle Ritvanen <
kaarle.ritvanen_at_datakunkku.fi> wrote:

> On Wed, 26 Sep 2012, Natanael Copa wrote:
>
> On Tue, 25 Sep 2012 12:34:53 -0500
>> Jeremy Thomerson <jeremy_at_thomersonfamily.com> wrote:
>>
>>> The problem is that awall didn't create a rule in the forward chain
>>> for -i gre1 -o gre1.
>>>
>>
>> Not that it means that awall should do the same, but in shorewall you
>> add an option called "routeback" to the interface definition.
>>
>
> Well, we could add similar attribute to zone definitions or just make
> awall always generate such rules. The downside of the latter option is that
> those rules are likely unnecessary in most cases, causing a slight penalty
> in performance. What do you think?
>

Perhaps we could add the attribute to the filter definition instead. i.e.:

                {
                        "in": "T",
                        "out": "T",
                        "action": "accept",
                        "routeback": "true"
                }

OR:

                {
                        "in": "T",
                        "out": "T",
                        "action": "acceptandrouteback"
                }



---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Wed Sep 26 2012 - 09:32:43 UTC