[Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread andreil1
Hi, I have this setup of shorewall with 2 ISPs, and need to auto-switch connection if main (LTC1) provider fails, and the revert back if it becomes alive. *** shorewall.conf *** USE_DEFAULT_RT=Yes *** providers *** LTC1 1 0x1 - eth0 gw1.xx.xx.xx track,balance=1 - BTC2 2 0x2

Re: [Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread Simon Hobson
andreil1 wrote: > I have this setup of shorewall with 2 ISPs, and need to auto-switch > connection if main (LTC1) provider fails, and the revert back if it becomes > alive. > > *** shorewall.conf *** > USE_DEFAULT_RT=Yes > > *** providers *** > LTC1 1 0x1

Re: [Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread Simon Hobson
andreil1 wrote: > shorewall disable LTC1 <— Doesn’t work > > ERROR: LTC1 is not an optional provider interface: Firewall state not changed > /usr/share/shorewall/lib.common: line 93: 28414 Terminated > $SHOREWALL_SHELL $script $options $@ > > Should I mark

Re: [Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread andreil1
> On 20 Jul 2017, at 12:04, Simon Hobson wrote: > > andreil1 wrote: > >> I have this setup of shorewall with 2 ISPs, and need to auto-switch >> connection if main (LTC1) provider fails, and the revert back if it becomes >> alive. >> >> ***

Re: [Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread andreil1
> On 20 Jul 2017, at 13:33, Simon Hobson wrote: > > andreil1 wrote: > >> shorewall disable LTC1 <— Doesn’t work >> >> ERROR: LTC1 is not an optional provider interface: Firewall state not changed >> /usr/share/shorewall/lib.common: line 93:

Re: [Shorewall-users] Q: Shorewall failover auto-switch script

2017-07-20 Thread Tom Eastep
On 07/20/2017 03:59 AM, andreil1 wrote: > > >> On 20 Jul 2017, at 13:33, Simon Hobson wrote: >> >> andreil1 wrote: >> >>> shorewall disable LTC1 <— Doesn’t work >>> >>> ERROR: LTC1 is not an optional provider interface: Firewall state not >>>

[Shorewall-users] shorewall-5.1.4.4 won't masquerade

2017-07-20 Thread Grant
My masquerade config is simple exactly like Example 1 here: http://shorewall.org/manpages/shorewall-masq.html It has worked for a very long time and works on 5.0.15.6 but not on 5.1.4.4 or 5.1.5. Any ideas? - Grant --

Re: [Shorewall-users] shorewall-5.1.4.4 won't masquerade

2017-07-20 Thread Simon Matter
> My masquerade config is simple exactly like Example 1 here: > > http://shorewall.org/manpages/shorewall-masq.html > > It has worked for a very long time and works on 5.0.15.6 but not on > 5.1.4.4 or 5.1.5. Any ideas? Hi, I think you have to update your config because it now uses the snat file

Re: [Shorewall-users] shorewall-5.1.4.4 won't masquerade

2017-07-20 Thread Tom Eastep
On 07/20/2017 03:54 PM, Grant wrote: > My masquerade config is simple exactly like Example 1 here: > > http://shorewall.org/manpages/shorewall-masq.html > > It has worked for a very long time and works on 5.0.15.6 but not on > 5.1.4.4 or 5.1.5. Any ideas? > If you shorewall update