On 03/13/2012 10:19 AM, Don Tucker wrote: > > On 3/13/2012 11:55 AM, dtucker wrote: >> On 2012-03-12 18:08, Tom Eastep wrote: >>> On 3/12/12 4:00 PM, "dtucker"<[email protected]> wrote: >>> >>>> After changing the entries in the DUPLICATE and COPY columns of >>>> /etc/shorewall/providers to '-' and adding >>>> >>>> KEEP_RT_TABLES=Yes >>>> ROUTE_FILTER=No >>>> USE_DEFAULT_RT=Yes >>>> >>>> I was able to get pings to work out of the ppp0 interface when brought >>>> up, and >>>> then to continue to work out of the eth2 interface when the ppp0 >>>> interface is >>>> brought down. However, I am still unable to get pings to work out >>>> of BOTH >>>> interfaces when they are both up at the same time. Any ideas on how to >>>> enable >>>> that? Pinging out eth2 when ppp0 is up just hangs (there is no >>>> "Destination >>>> host unreachable" error like before). >>> For *any* Multi-ISP issue, we need to see the output of 'shorewall dump' >>> to be able to help. See http://www.shorewall.net/Support.htm for >>> instructions. >>> >>> -Tom >>> >> I've attached the results of 'shorewall dump.' I successfully pinged out >> (Google.com) eth2, brought up ppp0, successfully pinged out ppp0, and >> then >> attempted (unsuccessfully) to ping out eth2. Thanks in advance to >> anyone who is >> able to take a look at it. I received some "RTNETLINK: invalid >> argument" errors >> when executing the dump. >> >> Just scanning the results of the dump, I didn't see anything related >> to ppp0. >> I DID see some things in the iptables related to connectivity state >> (ESTABLISHED, RELATED). I don't understand how those could be in >> there, since I >> haven't entered in any new rules for Shorewall yet (other than ACCEPT >> all). >> Before using Shorewall I had iptables set up with connectivity state >> rules, but >> I did an iptables -F and an iptables-save before rebooting and Shorewall >> starting. >> >> Don > After manually reflushing iptables
Why are you doing that? It is totally unnecessary. > and restarting Shorewall, I repeated > the above test. This time ppp0 appeared in the IP Configuration section > of the dump. I've attached that file as well, in case it is more > relevant that the previous one. The problem here is that bringing up ppp0 is plopping a default route into the main routing table. You need to restart shorewall once ppp0 is up and running. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
