local.m4: Allow dmz/jump packets on unsafe/colo networks and vice versa.

[firewall] / local.m4

diff --git a/local.m4 b/local.m4
index 36f76b3..0a1617f 100644 (file)
--- a/local.m4
+++ b/local.m4
@@ -75,23 +75,23 @@ defnet housebdry virtual
 ## House hosts.
 defhost radius
        router
-       iface eth0 dmz
-       iface eth1 unsafe
+       iface eth0 dmz unsafe
+       iface eth1 dmz unsafe
        iface eth2 safe
        iface eth3 untrusted
 defhost roadstar
-       iface eth0 dmz
-       iface eth1 unsafe
+       iface eth0 dmz unsafe
+       iface eth1 dmz unsafe
 defhost jem
-       iface eth0 dmz
-       iface eth1 unsafe
+       iface eth0 dmz unsafe
+       iface eth1 dmz unsafe
 defhost artist
-       iface eth0 dmz
-       iface eth1 unsafe
+       iface eth0 dmz unsafe
+       iface eth1 dmz unsafe
 defhost vampire
        router
-       iface eth0.0 dmz
-       iface eth0.1 unsafe
+       iface eth0.0 dmz unsafe
+       iface eth0.1 dmz unsafe
        iface eth0.3 untrusted
        iface dns0 dns
        iface vpn-+ vpn
@@ -118,23 +118,23 @@ defnet colobdry virtual
 
 ## Colocated hosts.
 defhost fender
-       iface br-jump jump
-       iface br-colo colo
+       iface br-jump jump colo
+       iface br-colo jump colo
 defhost precision
        router
-       iface eth0 jump
-       iface eth1 colo
+       iface eth0 jump colo
+       iface eth1 jump colo
        iface vpn-+ vpn
        iface vpn-vampire housebdry vpn
 defhost telecaster
-       iface eth0 jump
-       iface eth1 colo
+       iface eth0 jump colo
+       iface eth1 jump colo
 defhost stratocaster
-       iface eth0 jump
-       iface eth1 colo
+       iface eth0 jump colo
+       iface eth1 jump colo
 defhost jazz
-       iface eth0 jump
-       iface eth1 colo
+       iface eth0 jump colo
+       iface eth1 jump colo
 
 ## Other networks.
 defnet hub virtual