Daniele Davolio wrote: > I'm sorry for late but I was dealing with other tasks. > Thanks for the suggestions, this one worked for me: > > http://www.shorewall.net/MultiISP.html#Local. > > But now, I have another situation. The openvpn is connecting and > working, the packets come IN and OUT from the same eth0 interface. With > the Shorewall started, the TC is blocking the traffic from the DMZ > servers to the Road Warrior client. > I'll explain better. I have a DMZ called "dweb", and two ISP providers, > both on the "net" zone. I have also some tcrules to mark and regulate > some traffic. When my Road Warrior connect to the openvpn server on the > Firewall and he start a Ping to a dweb server through eth3 interface, > the packets reach the server but the icmp replay are catch somewhere in > TC on the way back. I can't understand why. If I comment out the > "1:P eth3 0.0.0.0/0 all -" rule in tcrules and > restart shorewall, the Road Warriors can reach the "dweb" server as wanted. > Thanks for any suggestion. > > Here are the configuration files:
Go to http://www.shorewall.net/MultiISP.html#id305711 and read. -Tom ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
