Thanks Tom,

this helped a lot. ISP1 is my cable provider, ISP2 the dsl pppd connection.
But I figured that out.

The only thing I don't get is your LSM config here:

connection {
    name=Comcast
    checkip=${ETH0_GATEWAY:-71.231.152.1}
    device=$COM_IF
    ttl=1
}

I replaced these values with my own, i.e.

connection {
    name=ISP1
    checkip=${ETH1_GATEWAY}
    device=$ETH1_IF
    ttl=1
}

I've set up ETH1_IF in params, but where gets the script ETH1_GATEWAY from?
I checked the findgw script and it works fine. Still, the value checkip is 
always empty.

Best
Sebastian

Am 31.08.2010 um 16:17 schrieb Tom Eastep:

> On 8/31/10 1:34 AM, Sebastian Tänzer wrote:
> 
>> I've attached my shorewall dump, I hope this is correct.
> 
> Is this dump taken after ppp0 has been connected/reconnected? I'm
> guessing 'yes' and that the ppp0 interface is provider 'ISP1'?
> 
> If so, I would try the following:
> 
> - create the file 'shorewall' in both /etc/ppp/ip-up.d and
>  /etc/ppp/ip-down.d
> 
> - In each file, put:
> 
>       #!/bin/sh
>       
>       /sbin/shorewall status > /dev/null && /sbin/shorewall restart -f
> 
>  That will restart Shorewall if it is already running and ppp0 goes up
>  or down.
> 
> - Disable adding the default route in your ppp config. You'll have
>  to dig around in your documentation for your ppp software (pptp,
>  pppoe, pppocp [1], ...). It may be as simple as adding
>  'nodefaultroute' to /etc/ppp/options but since I've not used ppp
>  since the days of dial-up Internet access, I'm far from certain.
> 
> - Set the 'balance' option on ISP2 and 'fallback' on ISP1. Be sure that
>  you have 'main' in the DUPLICATE column and 'eth0,eth3' in the COPY
>  column in both entries. Place '-' in the GATEWAY column of ISP1.
> 
> - Run LSM but only have it monitor eth1; the entries in /etc/ppp/ will
>  restart shorewall if ppp0 goes up or down.
> 
> -Tom
> 
> [1] - PPP over Carrier Pigeon
> -- 
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________
> 
> ------------------------------------------------------------------------------
> This SF.net Dev2Dev email is sponsored by:
> 
> Show off your parallel programming skills.
> Enter the Intel(R) Threading Challenge 2010.
> http://p.sf.net/sfu/intel-thread-sfd_______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users


------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:

Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to