Re: [Shorewall-users] Routing network traffic via VPN

Thu, 03 Jan 2013 13:12:05 -0800 

On 01/03/2013 12:51 PM, f q wrote:
> "If you used 'balance' for tun0 and 'fallback' for eth0, that wouldn't
> happen. Note that you must also set 'routefilter=0' on both interfaces
> in /etc/shorewall/interfaces, if you chose to take that approach."
> 
> #providers
> 
> #NAME         NUMBER  MARK    DUPLICATE       INTERFACE       GATEWAY         
> OPTIONS
> loc           1       1       -               eth0            192.168.0.1     
> track,fallback=1
> iPredator     2       2       -               tun0            -               
> track,balance=2
> 
> #interfaces
> 
> #ZONE INTERFACE       BROADCAST       OPTIONS
> net     eth0            detect
> dhcp,tcpflags,nosmurfs,routefilter=0,logmartians,required
> vpn     tun0          detect          optional,routefilter=0
> 
> I completed the above steps, which caused some odd behavior:
> 
> 1) When already connected to OpenVPN, the VPN functioned as expected
> 2) When disconnecting from the VPN, traffic was routed through eth0
> through my default connection (seemingly ignoring all the work with
> providers / tcrules / etc)
> 3) When reconnecting to the OpenVPN my traffic continued through my
> default connection, ignoring the VPN entirely!
> 4) Disconnecting from the VPN, applying the firewall and reconnecting
> now allows no traffic to exit my firewall at all!
> 5) Disconnecting from the VPN when in state (4), will allow traffic,
> but then only through my default connection.
> 
> Reverting to previous, semi-working configuration.

You'll never get any of this to work right until you install
shorewall-init. But 4.5.11.6 Shorewall-init is pretty broken...

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122712
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to