On 02/16/2012 12:45 AM, Alessandro Faglia wrote: > Dear list, > my box is a Debian Lenny (4.0) with the stock Shorewall (3.2.6-2). I cannot > upgrade right now so please don't tell me "first upgrade!" :) > > I managed to have Muliple-ISP working, and I'm driving web traffic (HTTP > and HTTPS) thru one provider and mail traffic (GMail IMAPS/SMTPS) to the > other one. My LAN (eth1) is masquerade behind two NIC, eth0 (first > provider) and eth4 (second one). > > I would like to force all traffic generating from my pc (one IP in the eth1 > network) to go thru one ISP only. My tcrules looks like this: > > 2 eth1:<my_IP> > # > # GMAIL > 2:P eth1 0.0.0.0/0 tcp 993 > 2:P eth1 0.0.0.0/0 tcp 465 > # WEB > 1:P eth1 0.0.0.0/0 tcp 80 > 1:P eth1 0.0.0.0/0 tcp 443 > 1 $FW 0.0.0.0/0 tcp 80 > 1 $FW 0.0.0.0/0 tcp 443 > > Despite of this, I cannot manage to get this to work. If I connect eg to > speedtest.net I always see the public IP associated to my first ISP (1) and > not the second one, as I would like. > > Anybody could help me? Where am I wrong? maybe on my box this is not > achieavable?
Put the rule for your IP address *last*; the tcrules file is 'last match wins'. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
