Brian J. Murrell wrote: > I'm just starting to experiment with multi-isp configuration and at the > part of the doc (http://www.shorewall.net/MultiISP.html) that specifies: > > Regardless of whether you have masqueraded hosts or not, YOU > MUST ADD THESE TWO ENTRIES TO /etc/shorewall/masq: > > #INTERFACE SUBNET ADDRESS > eth0 130.252.99.27 206.124.146.176 > eth1 206.124.146.176 130.252.99.27 > > If this is a MUST requirement for all multi-isp set ups, then can > shorewall not figure this out for itself and install it without the user > having to specify it?
Not really.
a) Shorewall couldn't determine where to put them in the masq file and the
file is order-sensitive.
b) Shorewall could redundantly add them, not realizing that the same traffic
is adequately covered by other masq rules such as:
eth0 0.0.0.0/0 206.124.146.177 #The different ADDRESS is
#intentional
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
