On 05/16/2011 01:52 PM, Red Baron wrote: > I am wanting to verify that I am properly using the MASQ for a series of > hosts. I have 2 providers, and my providers file has the contents: > > #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY > OPTIONS COPY > l3 1 100 main eth0.100 1.18.139.1 > track,loose,fallback eth1 > ws 2 200 main eth0.101 1.155.136.193 > track,balance eth1 > #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE > > > > I have a host with internal IP address 172.16.5.254, that I have NAT > inbound IP's on both ISP's to, and want to make sure that outbound > replies with the same IP. > > > My MASQ file is where I address this, with the following: > > #INTERFACE SUBNET ADDRESS PROTO PORT(S) > IPSEC > eth0.100 172.16.5.254 1.18.139.7 > eth0.101 172.16.5.254 1.155.136.199 > #Catch All Masq > eth0.100 !1.18.139.0/26 1.18.139.2 > eth0.101 !1.155.136.192/26 1.155.136.194 > #LAST LINE > > > Is this proper use of MASQ?
The first two are unnecessary since they are included in the second two. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
