> : On Thursday 29 March 2007, Grigory Mokhin wrote: > : > Hello, > : > > : > I need to send lan2net traffic to a certain IP address via one > : > provider (ISP1, eth0), and all other lan2net traffic via the second > : > provider (ISP2, eth1). Assuming eth2 is LAN, the first rule in > : > route_rules would be: > : > > : > eth2 A.B.C.D ISP1 1000 > : > > : > What is the correct syntax for the second rule, to send all packets > : > not to A.B.C.D via ISP2? > : > > : > Thanks, > : > Gregory > :
> Remember the docs quote this below > > The bottom line is that if you want traffic to go out through a particular > provider then you must mark that traffic with the provider's MARK value in > /etc/shorewall/tcrules and you must do that marking in the PREROUTING chain; > or, you must provide the appropriate rules in /etc/shorewall/route_rules. > > and that you can set in shorewall.conf mark in forward chain = yes > > I would do this in Tc Rules--- with high marks=no in shorewall.conf > If this where your config: > 1=ISP1, lan=192.168.1.0/24, IP address on the net= 24.56.84.57, eth1=local > /etc/shorewall/tcrules > > 1:P eth1:192.168.1.0/24 24.56.84.57 all > or if you just wanted web traffic > > 1:P eth1:192.168.1.0/24 24.56.84.57 tcp 80 > > Mike > I use tcrules with high marks =yes. On IRC channel I asked Tom if it is possible to solve my problem with a rule in route_rules. He said yes. I just can't figure out the correct syntax. Otherwise I would probably use tcrules for marking. Regards, Gregory ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
