Michael Weickel - iQom Business Services GmbH wrote: > Great, thanks. Although the packet arrives first on a local interface the > feature has to be turned off on the outgoing interface and not on the local > (incoming) one, right?
It has to be turned off on any interface where you expect incoming packets with a SOURCE IP that would not be routed out of that same interface using the main routing table (in 2.6.32 or 33 the facility has been modified to use policy routing for the decision). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
