[Shorewall-users] Problems with two internet connections (Martians)

Fri, 16 Mar 2012 06:36:26 -0700 

Hi everybody,

first of all sorry about my english. I try to do the best y can.

I am able to run shorewall as a firewall-router with one ISP. (with
differents zones, interfaces, etc..).

My problem appear when i try to use-balance two Multiple Internet
Connections. My multiple internet lines are properly working on their own.
If i configure shorewall with one Internet Connection i have no problems.

Problems appear as i said when I use two connection. This is my
 configuration files:
 interfaces
#ZONE    INTERFACE    BROADCAST    OPTIONS
net     eth2            detect         logmartians
net     ppp0            detect         logmartians
loc     eth1            detect         logmartians

zones
#ZONE    TYPE
fw    firewall
net    ipv4
loc    ipv4

masq
#INTERFACE        SOURCE        ADDRESS        PROTO    PORT(S)    IPSEC
 MARK
eth2            192.168.40.0/24
ppp0            192.168.40.0/24

 providers
#NAME   NUMBER      MARK    DUPLICATE     INTERFACE       GATEWAY
OPTIONS         COPY
jazztel      1       0x1      main        eth2        192.168.1.1
balance,track         eth1
vodafone     2       0x2      main        ppp0                   -
 balance,track         eth1


I try to do a pin from the lan (loc) and I get it the log:

Mar 16 13:09:06 lizanote kernel: [13961.140104] ll header: 00:02:b3:c7
Mar 16 13:09:09 lizanote kernel: [13964.144026] martian source
192.168.1.100 from 212.166.210.80, on dev ppp0

# /sbin/shorewall version
4.4.11.6

ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:02:b3:c7:2b:f6 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
    link/ether 00:02:b3:c7:2f:77 brd ff:ff:ff:ff:ff:ff
    inet 192.168.40.1/24 brd 192.168.40.255 scope global eth1
    inet6 fe80::202:b3ff:fec7:2f77/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
state DOWN qlen 1000
    link/ether 00:21:9b:61:db:b9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2
    inet6 fe80::221:9bff:fe61:dbb9/64 scope link
       valid_lft forever preferred_lft forever
7: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast state UNKNOWN qlen 3
    link/ppp
    inet 212.166.226.182 peer 10.64.64.64/32 scope global ppp0

ip route show
10.64.64.64 dev ppp0  proto kernel  scope link  src 212.166.226.182
192.168.1.0/24 dev eth2  proto kernel  scope link  src 192.168.1.100
192.168.40.0/24 dev eth1  proto kernel  scope link  src 192.168.40.1
default
    nexthop via 192.168.1.1  dev eth2 weight 1
    nexthop dev ppp0 weight 1

Thanks a lot

Cotolo

------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here 
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to