Thanks for your reply. It took a while for it to sink in, but I finally realized that I don't, in fact, need two zones to accomplish what I want. Because each machine is independent with it's own statis IP address (each is both a server and a client to the other) they each have their own (personal) firewall operating.
So, I have no change to the default /interfaces file nor the default /zones file. My only change is to /rules on each machine, to accept traffic from the other machine:
ACCEPT net:220.127.116.11 fw all
ACCEPT fw:18.104.22.168 net all
I can do NFS file sharing and printer sharing, still in STEALTH mode (GRC test).
Perhaps this info will help the next newbie with a similar problem.
Michael Harrison wrote:> configuration, including those at shorewall.net <http://shorewall.net>,
> I'm new to Linux (terminally frustrated Windows user) and have recently
> installed PClinuxOS on two machines at home. I've set up NFS shared
> home directories on both machines, which I can mount and access fine
> only when Shorewall is stopped. I've read a few guides on Shorewall
> and tried everything that made sense, to no avail - Shorewall blocks theI'm a but unclear about the configuration. You have two independent
> mount requests.
> I'm thinking that the problem is with my environment (although it was
> working under Windows with File Sharing). I have the two computers
> attached via a Netgear 4 port hub. The hub is also attached to a
> Motorolla Cable Modem for Internet access. I don't have a domain, (under
> Windows the sharing was done via a Workgroup) and the two computers have
> very different static IP's assigned by Comcast, my ISP.
> The PClinuxOS install automatically set up eth0 and the Internet
> connections worked fine. Is there a way to tell Shorewall to allow the
> loc lan accesses on the same interface (eth0) as the net? A way to add
> another interface (with just the Netgear hub) ?
> I have tried using "-" for zone in the interfaces file, and adding
> "loc:123.456.789.01" and "net detect" in the hosts file but that results
> in a syntax error for the net zone.
machines on a hub that is cabled to the cable modem. Is there a third
system that hosts the NFS-mounted home directories or is one of the
machines hosting them?
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
Shorewall-users mailing list