hi
i've asked lately if i'm on the right track to do nat, providers and rtrules.
Thanks Tom for your reply!
Finally I got it working and I'd like to share it as an example.
- Thomas
Situation:
* Shorewall 4.5.5.3
* OS: Debian Squeeze
* eth0 with ip 8.8.8.8 and ip alias 7.7.7.7 (eth0:0)
* 8.8.8.8 has default gateway 8.8.8.1
* 7.7.7.7 has default gateway 7.7.7.1
* internal lan is 10.7.7.0/24
* 10.7.7.13 is 7.7.7.7 external
* all others get 8.8.8.8 external
And are the relevant config files:
############################################################################################
# providers
############################################################################################
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
COPY
cs1 1 1 main eth0:8.8.8.8 8.8.8.1
cs2 2 2 main eth0:7.7.7.7 7.7.7.1
####################################################################################
# rtrules
####################################################################################
#SOURCE DEST PROVIDER PRIORITY
MASK
17.7.7.13 - cs2 1000
10.7.7.0/24 - cs1 1000
###############################################################################
# masq
###############################################################################
#INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC
MARK
eth0:0(cs2) 10.7.7.13 7.7.7.7
eth0(cs1) 0.0.0.0/0 8.8.8.8
------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
