Chakravarthy Girda wrote: > Hi, > I gave up on this issues. Here is my research... > > (1) /etc/shorewall/route_rules > * It works but only per IP address or the entire LAN. > * It won't work per protocol or service based.
It isn't designed to work per protocol or service. > * Failover capability won't work If you use a failover capability that doesn't deal with routing rules, that is probably true. > > (2) /etc/shorewall/tcrules > This is supposed to work per protocol but I could never make it work. > Sample:- > #2:130 eth0 eth4 tcp - 873,21,22 That tcrule could NEVER have any effect on routing. You are specifying an OUTPUT interface which cannot be determined until routing is completed! -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
