Thanks Jerry
You put some light on my darkness...
But I have a doubt here:
Where I declare the ISP 1 or 2? /etc/shorewall/providers?
Another question:
In this case, I have to send outgoing traffic through specific external IP.
Let me explain.
I have one LAN and two ISP, right?
When some user behind Shorewall open your web browser or certain
application, and enter a especific URL or Internet address, this traffic may
be outgoing via ISP1, per example.
Others traffic outgoinh via ISP2....
Thanks
2008/10/24 Jerry Vonau <[EMAIL PROTECTED]>
> Gilberto Nunes wrote:
> > Hi all and specially Mr. Tom....
> >
> > (Please, do not be acid with me please! I am only a newbie, trying learn
> > more about shorewall)
> >
> > I get involved with a Firewall Project in a customer here in my city...
> >
> > In this customer, he has two Internet Providers.
> >
> > So, he ask me how make certain connection following one routing path
> (like
> > RT_1) and others connections type, following the other routing path (like
> > RT_2).
> >
> > Let me try do a ascii art here:
> >
> >
> > ( I know is horrible think! rsrs I am not artist!)
> >
> > So, all traffic is pass by SHOREWALL MACHINE. ok!
> >
> > Some traffic have to out via ISP 1 and others traffic, will be out via
> ISP
> > 2.
> >
> > I am reading Multiple ISP docs, but it is not clearly for me
> >
> Right after one of the "WARNING"s on:
> http://www.shorewall.net/MultiISP.html
>
> Entries in /etc/shorewall/masq have no effect on which ISP a particular
> connection will be sent through. That is rather the purpose of entries
> in /etc/shorewall/tcrules or /etc/shorewall/route_rules. <<<<<<
>
> Now suppose that you want to route all outgoing SMTP traffic from your
> local network through ISP 2. You would make this entry in
> /etc/shorewall/tcrules (and if you are running a version of Shorewall
> earlier than 3.0.0, you would set TC_ENABLED=Yes in
> /etc/shorewall/shorewall.conf).
>
> #MARK SOURCE DEST PROTO PORT(S) CLIENT
> USER TEST
> # PORT(S)
> 2:P <local network> 0.0.0.0/0 tcp 25
> "
>
> > So, I need some help with this.
> >
> > Can I use packet mark? How?
> >
> Depending on what you need to do, use entries in /etc/shorewall/tcrules
> or /etc/shorewall/route_rules.
>
> > In a traditional iptables rules, I use --set-mark.
> > But in a Shorewall enviroment, how can I take action with this iptables
> > rules?
> >
> More traffic marking info at:
> http://www.shorewall.net/traffic_shaping.htm
>
> > THanks for all response.
> >
> > Sorry for my poor english...
> >
> Hope this helps,
>
> Jerry
>
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
