Brian J. Murrell wrote:
To provide a real-world use case, imagine a MultiISP shorewall and openvpn configuration where the multiple ISP links are tracked and balanced. This all works fine as long as nothing comes along and adds routes to the "main" routing table after shorewall has made it's per-provider copy of it. So this means of course that openvpn, if it's going to install client subnet routes, needs to be run first.
As I've tried to explain on multiple occasions, *it does not mean that*.If your OpenVPN server is going to add routes to hosts in the 192.168.2.0/24 network then simply add this line to your route_rules file:
- 192.168.2.0/24 254 1001Solving the OpenVPN routing problem was one of the main reasons for creating the route_rules file in the first place.
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
