I : On Thursday 29 March 2007, Grigory Mokhin wrote: : > Hello, : > : > I need to send lan2net traffic to a certain IP address via one : > provider (ISP1, eth0), and all other lan2net traffic via the second : > provider (ISP2, eth1). Assuming eth2 is LAN, the first rule in : > route_rules would be: : > : > eth2 A.B.C.D ISP1 1000 : > : > What is the correct syntax for the second rule, to send all packets : > not to A.B.C.D via ISP2? : > : > Thanks, : > Gregory : : can't you just do that with a route command? : : : -- : _____________________________________ : John Andersen Remember the docs quote this below
The bottom line is that if you want traffic to go out through a particular provider then you must mark that traffic with the provider's MARK value in /etc/shorewall/tcrules and you must do that marking in the PREROUTING chain; or, you must provide the appropriate rules in /etc/shorewall/route_rules. and that you can set in shorewall.conf mark in forward chain = yes I would do this in Tc Rules--- with high marks=no in shorewall.conf If this where your config: 1=ISP1, lan=192.168.1.0/24, IP address on the net= 24.56.84.57, eth1=local /etc/shorewall/tcrules 1:P eth1:192.168.1.0/24 24.56.84.57 all or if you just wanted web traffic 1:P eth1:192.168.1.0/24 24.56.84.57 tcp 80 Mike ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
