On Nov 29, 2011, at 7:32 PM, Lee Brown wrote:
> I currently have a multi-ISP config and it's working great. Host is a
> CentOS5.4 machine. Shorewall 4.4.19.1
>
> I've been asked to add a new ISP which has a 1GB download limit during
> certain hours. When the cap is hit my users want to switch traffic to
> another, shared ISP.
>
> I was planning on just issuing some iptables commands to tag the traffic for
> ISP#1 during the on time and ISP#2 during the off time, the same way an entry
> in tcrules would.
>
> The question is really how does connection tracking enter this mix and how
> can it be avoided?
What exactly is your concern with connection tracking? Can't you simply disable
the interface to ISP#1 when the limit is reached?
-Tom
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
