Brad Clarke wrote: > I'm currently using shorewall-perl 4.0.15 on Ubuntu 8.04 as the > gateway/internet router for 5 vlans. I'm thinking of moving the > routing between some of the internal lans to a layer 3 switch, which > means the shorewall box will need some static routes to get internet > traffic to flow back through the switch to the proper vlans. What's > the best way to get those routes to always be there so that shorewall > won't step on them?
Use your distribution's network configuration tools. Shorewall doesn't touch your routing unless: a) You have entries in /etc/shorewall/proxyarp that have 'Yes' in the NOROUTE column. A route to the host is added during 'start' and deleted during 'stop'. b) You have entries in /etc/shorewall/providers. The only changes that Shorewall makes to the 'main' table involve the default route(s). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
