Excellent! Removing the rule causes the firewall to behave as I except. "What do you expect?"
I was using this as an example and the line: http://www.shorewall.net/MultiISP.html#USE_DEFAULT_RT "Although 'balance' is automatically assumed when USE_DEFAULT_RT=Yes, you can easily cause all traffic to use one provider except when you explicitly direct it to use the other provider via shorewall-rtrules (5) or shorewall-tcrules (5)." I see now, that this should include "rules" as well, as we had just found. Previous experimentation with "USE_DEFAULT_RT=Yes" with the outdated version prior to upgrade, did not result in any discernible difference, oddly. I was focused on using the files listed here to create the behavior I was looking for, as this appeared to be your recommendation. On 1/5/13, Tom Eastep <[email protected]> wrote: > On 01/05/2013 04:13 PM, f q wrote: >> Apologies, I test my connections by doing a "ping 8.8.8.8" (Google DNS); >> So: >> >> source IP -> 192.168.0.38 (my VPN would be down at this point, after step >> 7) >> dest IP -> 8.8.8.8 >> protocol -> ICMP >> port -> NA > > You have this rule in your rules file: > > ACCEPT $FW net icmp > > What do you expect? > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_123012 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
