On 03/13/2012 09:55 AM, dtucker wrote: > On 2012-03-12 18:08, Tom Eastep wrote: >> On 3/12/12 4:00 PM, "dtucker" <[email protected]> wrote: >> >>> After changing the entries in the DUPLICATE and COPY columns of >>> /etc/shorewall/providers to '-' and adding >>> >>> KEEP_RT_TABLES=Yes >>> ROUTE_FILTER=No >>> USE_DEFAULT_RT=Yes >>> >>> I was able to get pings to work out of the ppp0 interface when brought >>> up, and >>> then to continue to work out of the eth2 interface when the ppp0 >>> interface is >>> brought down. However, I am still unable to get pings to work out of BOTH >>> interfaces when they are both up at the same time. Any ideas on how to >>> enable >>> that? Pinging out eth2 when ppp0 is up just hangs (there is no >>> "Destination >>> host unreachable" error like before). >> >> For *any* Multi-ISP issue, we need to see the output of 'shorewall dump' >> to be able to help. See http://www.shorewall.net/Support.htm for >> instructions. >> >> -Tom >> > I've attached the results of 'shorewall dump.' I successfully pinged out > (Google.com) eth2, brought up ppp0, successfully pinged out ppp0, and then > attempted (unsuccessfully) to ping out eth2. Thanks in advance to anyone who > is > able to take a look at it. I received some "RTNETLINK: invalid argument" > errors > when executing the dump. > > Just scanning the results of the dump, I didn't see anything related to ppp0.
That's because ppp0 was not up when the dump was taken. In the dump, the default route is balanced between eth2 and eth3. > I DID see some things in the iptables related to connectivity state > (ESTABLISHED, RELATED). I don't understand how those could be in there, > since I > haven't entered in any new rules for Shorewall yet (other than ACCEPT all). > Before using Shorewall I had iptables set up with connectivity state rules, > but > I did an iptables -F and an iptables-save before rebooting and Shorewall > starting. What you are seeing is simply the result of the conntrack kernel module being loaded. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
