Hi,

my firewall has 2 providers (eth0 and eth5) with private IPs. Providers file:

    ISP1 1 1 main eth0 192.168.2.1 track
    ISP2 2 2 main eth5 192.168.0.1 track

I am using tcrules for marking packets in forwarding and all is right. But I want to mark the packets originating from the firewall in this way: if the user is dansguardian, mark with 2; otherwise use the default gateway (via eth0).

I tried adding this rule to tcrules:

    2 $FW - - - - dansguardian

but it is not working; user dansguardian is not passed by any of the 2 providers.

I solved it by deleting the rule just entered and inserting in the file start:

    /sbin/iptables -t mangle -I OUTPUT -m owner --uid-owner 107 -j MARK --set-mark 2
    /sbin/iptables -t nat -I POSTROUTING -m owner --uid-owner 107 -j SNAT --to-source 192.168.0.254
    echo 0 >/proc/sys/net/ipv4/conf/eth5/rp_filter

How can I get the same result directly without using the iptables rules?

Thank you
