On 01/01/2013 01:15 PM, f q wrote: > Apologies for the long reply time, I've been quite busy with other projects. > > I made the changes you requested (see below for specifics). > > 1) I am able to start the firewall without connection to OpenVPN > 2) I am able to connect to OpenVPN without issue with the firewall up > 3) I can then restart the firewall with OpenVPN up to enforce traffic > shaping with the 'tun0' adapter > 4) I can use the OpenVPN normally during this time > 5) I can disconnect the OpenVPN and normal traffic is blocked from > traversing my local connection > 6) I Cannot reconnect to OpenVPN once this is done, though I have > supplied rules in 'tcrules' to attempt to provide exceptions for > OpenVPN traffic. > > Firewall eth0 ip address: 192.168.0.38, gateway (my home router) 192.168.0.1. > > I am working from the examples in "MultiISP" > (http://www.shorewall.net/MultiISP.html#USE_DEFAULT_RT) and "Complex > Traffic Shaping" > (http://www.shorewall.net/traffic_shaping.htm#tcrules). > > I am not the most experienced with routing, so I will freely confess > that most of the discussion in these articles, I do not completely > understand. > > But the basic idea appears to be: Shape traffic to go over OpenVPN > only (mark 2), then provide exceptions for traffic defined in > 'tcrules' such that said traffic is marked for my standard connection > (mark 1). Please correct me if I'm wrong.
Have you configured openvpn to always bind to 192.168.0.38 for its local address? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master Java SE, Java EE, Eclipse, Spring, Hibernate, JavaScript, jQuery and much more. Keep your Java skills current with LearnJavaNow - 200+ hours of step-by-step video tutorials by Java experts. SALE $49.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122612
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
