David Snider wrote:
I've gone over the configuration multiple times, but shorewall refuses to start as long as the provider file has the Squid line in it. Any thoughts to what I do wrong?
Nothing that I can see. Looks to me like your kit is badly broken.
qt ip route flush table 1
run_ip route replace 90.0.0.14 src
$(find_first_interface_address eth0) dev eth0 table 1
run_ip route add default via 90.0.0.14 dev eth0 table 1
That says:
a) 'flush routing table 1' (it now should be empty).
b) Replace the host route to 90.0.0.14 in table 1 (or add it if it doesn't
exist) with one that specifies 'src <primary IP address on eth0>'.
c) Add a default route to table 1 via 90.0.0.14. On any sane system, the third command couldn't possibly fail as a duplicate. At a root shell prompt, try this: ip route flush table 1 ip route ls table 1 ip route replace 90.0.0.14 src <ip address of eth0> dev eth0 table 1 ip route add default via 90.0.0.14 dev eth0 table 1 What happens? Here's what happens here (with br0 substituted for eth0). ursa:~ # ip route flush table 1 ursa:~ # ip route ls table 1 ursa:~ # ip route replace 90.0.0.14 src 192.168.0.254 dev br0 table 1 ursa:~ # ip route add default via 90.0.0.14 table 1 ursa:~ # -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
