Jerry Vonau wrote: > Grant Scheffert wrote: <snip> >> # Shorewall version 3.4 - Providers File >> # >> #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY >> OPTIONS COPY >> ISP1 1 1 main eth2 216.x.y.33 track,balance >> ETH0 >> ISP2 2 2 main eth3 136.x.y.1 balance ETH0 >> #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE >> >> My interfaces are configured like this: >> LAN = ETH0 (10.0.0.0/24 >> DMZ = ETH1 (not used yet) >> ISP1 = ETH2 (216.x.y.34/28) >> ISP2 = ETH3 (136.x.y.2/25) >> <snip>
>> I suspect I have missed something in my configuration. I've studied >> http://www.shorewall.net/MultiISP.html pretty hard and have not found >> the answer. Any suggestions would be appreciated. >> > > Please summit a shorewall dump. The only thing that jumps out from your from your dump other than eth3 differs from the above info: Chain eth2_masq (1 references) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- * * 10.0.0.0/24 0.0.0.0/0 0 0 MASQUERADE all -- * * 192.168.1.0/24 0.0.0.0/0 Chain eth3_masq (1 references) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- * * 10.0.0.0/24 0.0.0.0/0 0 0 MASQUERADE all -- * * 192.168.1.0/24 0.0.0.0/0 Past experence tells me you should be using snat here, have another look at the example on multiisp page, your masq file entries need to use the third column, to set a SNAT entry here. Jerry ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
