Tom Eastep wrote: > On Tue, 2011-10-25 at 15:13 +0200, OBones wrote: > >> 192.0.2.0/24 dev eth1 proto kernel scope link src 192.0.2.189 metric 10 >> 10.10.10.0/24 dev eth0 proto kernel scope link src 10.10.10.254 >> metric 10 >> 169.254.0.0/16 dev eth1 scope link metric 10 >> 169.254.0.0/16 dev eth0 scope link metric 10 >> 127.0.0.0/8 dev lo scope link >> default via 192.0.2.254 dev eth1 metric 10 >> default via 10.10.10.254 dev eth0 metric 10 > Get rid of the default route out of eth0 -- a simple configuration like > yours should have exactly one default route - out of the 'net' > interface. Thanks, I removed the default route on eth0. For reference to others, this was done with the following command:
route del default gw 10.10.10.254 eth0 this worked, the route is no longer there. Not being near the firewall at the moment, I can't test the "routed" mode for the modem just yet but will try tonight and keep everyone posted. However, I have one more question: This default route is not something I remember having configured, to me it gets added every time I reboot the firewall. I looked around and found that it could come from /etc/sysconfig/network-scripts/ifcfg-eth0 Can you confirm that I need to remove the "GATEWAY=10.10.10.254" line from /etc/sysconfig/network-scripts/ifcfg-eth0 in order to prevent the default route from being added on every boot? I know I could issue the above "route del" command in /etc/rc.d/rc.local and then restart shorewall, but I would like a nicer solution if there is one. Regards Olivier ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
