X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=README;h=c1c2518e0603166a02c4d838c3bceeff0d8324d6;hb=d8f2505e9f075f6314a852ccf1d249415e596c8a;hp=e6f447adf877aaf706653266fdff39fa311a7eba;hpb=8fb53d8ccf5b71e3352c33221fdecb9e97e1753c;p=pve-firewall.git

diff --git a/README b/README
index e6f447a..c1c2518 100644
--- a/README
+++ b/README
@@ -123,7 +123,7 @@ Outbound rules looks like:
  SSH(ACCEPT)     $ZVMBR0VM100:tap100i0          all
 
 
-Unresolved problems
+Problems
 ===================
 
 Inbound rules with source IP does not work, because shorewall
@@ -131,9 +131,12 @@ does not allow rules like:
 
  SSH(ACCEPT)     all:IP_ADDRESS       $ZVMBR0VM100:tap100i0
 
-As workaroud, we can create such rule for each BP zone:
+As workaroud, we create one rule for each BP zone on the same
+bridge:
 
- SSH(ACCEPT)     $ZVMBR0EXT:IP_ADDRESS       $ZVMBR0VM100:tap100i0
+ SSH(ACCEPT)     $ZVMBR0:IP_ADDRESS       $ZVMBR0VM100:tap100i0
+ SSH(ACCEPT)     $ZVMBR0VM777:IP_ADDRESS  $ZVMBR0VM100:tap100i0
+ SSH(ACCEPT)     $ZVMBR0EXT:IP_ADDRESS    $ZVMBR0VM100:tap100i0