Em 17-07-2015 17:38, [email protected] escreveu:
Thanks much for all your good help! I will try it.
No problem.
For now I'm just still using probabilistic rules with quick keyword + fallback rule but using mpath instead of rdomain and this works smoothly now!
If I recall correctly, you could mix mpath with rdomains. But, as much as I like rdomains, I still prefer mpath for multiple ISP's setups.
If I'll need to setup multi-isp setup ever, I'll use anchors and "make ifstated check for the gateways availability, and update the rules accordingly" like you suggested.
ifstated works great in this. It's a state machine, so you can code any scripts into it and handle very complex setups. The most complex I ever recall I've done was a firewall with 4 different ISP's, and a complex ruleset. There were all sorts of checks and failovers, lots of anchors. This was almost 10 years ago. Things have changed. But some didn't.
Cheers, Giancarlo Razzolini
