On 10/28/2013 12:17 PM, Axel Zöllich wrote: > Am Montag, 28. Oktober 2013, 11:56:08 schrieb Tom Eastep: >> On 10/28/2013 10:07 AM, Axel Zöllich wrote: >>> With the following setup (two providers, two ipsec tunnels both of them >>> "INSTALLED" following ipsec status) I get only one entry in tabel 220: >>> >>> providers: >>> tcom 1 0x100 - ppp0 - >>> balance=2 - >>> netco 2 0x200 - eth4 aaa.bbb.77.217 >>> balance=1 - >>> >>> tcrules: >>> 0x100:P 0.0.0.0/0 >>> 0x100 $FW >>> 0x200 - aaa.bbb.77.202 >>> >>> zones: >>> pktgh ipsec mode=tunnel mss=1024 >>> # Praxis G >>> jung ipsec mode=tunnel mss=1024 >>> # diagnostics >>> >>> hosts: >>> pktgh eth4:192.168.223.0/24,aaa.bbb.77.202 ipsec >>> jung ppp0:192.168.1.0/24 ipsec >>> >>> root@router-pikt-1:~# ip route show table 220 >>> 192.168.223.0/24 via aaa.bbb.77.217 dev eth4 proto static src >>> 192.168.222.241 >>> >>> 192.168.223.71 is pingable. >>> A ping to 192.168.1.4 isn't successful. >>> >>> Why there is missing an entry for 192.168.1.0/24 src 192.168.222.241 in >>> table 220? >> >> There is no provider 220, so Shorewall is not maintaining that table. > But where the table is comming from?
Not Shorewall. > >> Where are you pinging from? >>From the router itself whith the following networkinterfaces: With what source IP address>? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
