Andrew Sackville-West wrote:
so far as I know, having shorewall turned off in /etc/defaults/shorewall completely prevents it from running. So you would be left with bog standard iptables setup -- wide open.
For the record this is indeed the case. iptables -L showed nothing when I checked.
> what does your Dom0 /etc/network/interfaces look like? {grey@teleute:/etc/network} cat interfaces auto lo iface lo inet loopback auto eth1 iface eth1 inet static address 192.168.1.21 netmask 255.255.255.0 gateway 192.168.1.1 auto eth1:1 iface eth1:1 inet static address 192.168.1.1 netmask 255.255.255.0 #auto eth0 #iface eth0 inet dhcp auto eth0 iface eth0 inet static address 69.68.200.5 netmask 255.255.255.128 gateway 69.68.200.1 {grey@teleute:/etc/network}The really funky thing is the last time I set the machine for bridge networking, just a few minutes ago, xenbr1 got eth1's IP and there was a xenbr1:2 which got eth1:1's IP.