It looks like this :
#
# Shorewall version 4 - Masq file
#
# For information about entries in this file, type "man shorewall-masq"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-masq.html
#
###############################################################################
#INTERFACE SOURCE ADDRESS PROTO
PORT(S) IPSEC MARK
eth0 83.142.149.102 88.162.31.82
eth0 192.168.2.1 88.162.31.82
eth0 eth4 88.162.31.82
eth1 88.162.31.82 83.142.149.102
eth1 192.168.2.1 83.142.149.102
eth1 eth4 83.142.149.102
eth2 83.142.149.102 192.168.2.1
eth2 88.162.31.82 192.168.2.1
eth2 eth4 192.168.2.1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
Sorry for bad formatting this is from my phone. My multi isp issue
was because I didn't follow the readme regarding the masq file and I
had similar issues. How does your masq file look like?
Regards
-----Original Message-----
From: Pierre CHAUSSEE <[EMAIL PROTECTED]>
Sent: 05 September 2008 23:03
To: shorewall-users@lists.sourceforge.net
Subject: [Shorewall-users] Problem with MultiISP configuration (no
rc-rules), please help!
Hi,
I'm trying to set up a multi ISP configuration.
I can make it work without shorewall, except for incoming
connections :
i want to be able to connect to any oof the internet interfaces from
outside, I can not with ports forwarded on the local network : I am
not
always receiving an answer
I just want the same result as a multiWAN router that does load
balancing.
I discovered shorewall and the "MultiISP" configuration that seemed to
answer my problem.
I did set all files but the providers one, everything works then.
But when I fill the providers file, nothing works anymore : outgoing
connections are no more working, neither does incoming ones.
Please help.
Here are the commands you request
(just so you know : eth0,eth1,eth2 are internet connections and eth4
is
the only used local one) :
#/sbin/shorewall version
4.0.13
#ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 100
link/ether 00:15:17:7a:6a:bc brd ff:ff:ff:ff:ff:ff
inet 88.162.31.82/24 brd 88.162.31.255 scope global eth0
inet6 fe80::215:17ff:fe7a:6abc/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 100
link/ether 00:15:17:7a:6a:bd brd ff:ff:ff:ff:ff:ff
inet 83.142.149.102/30 brd 83.142.149.103 scope global eth1
inet6 fe80::215:17ff:fe7a:6abd/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 1000
link/ether 00:15:17:7a:6a:50 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global eth2
inet6 fe80::215:17ff:fe7a:6a50/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:15:17:7a:6a:51 brd ff:ff:ff:ff:ff:ff
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 1000
link/ether 00:1e:4f:3e:29:8e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.200/24 brd 192.168.1.255 scope global eth4
inet6 fe80::21e:4fff:fe3e:298e/64 scope link
valid_lft forever preferred_lft forever
7: eth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:1e:4f:3e:29:8f brd ff:ff:ff:ff:ff:ff
8: teql0: <NOARP> mtu 1500 qdisc noop qlen 100
link/void
#ip route show
83.142.149.100/30 dev eth1 proto kernel scope link src
83.142.149.102
88.162.31.0/24 dev eth0 proto kernel scope link src 88.162.31.82
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1
192.168.1.0/24 dev eth4 proto kernel scope link src 192.168.1.200
default
nexthop via 88.162.31.254 dev eth0 weight 1
nexthop via 83.142.149.101 dev eth1 weight 1
nexthop via 192.168.2.200 dev eth2 weight 1
And here is my providers file :
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
OPTIONS COPY
ISP1 200 1 main eth0 88.162.31.254
track,balance eth4
ISP2 201 2 main eth1 83.142.149.101
track,balance eth4
ISP3 202 3 main eth2 192.168.2.200
track,balance eth4
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
Thank you for your help
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's
challenge
Build the coolest Linux based applications with Moblin SDK & win
great prizes
Grand prize is a trip for two to an Open Source event anywhere in
the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
