Hi,
in my two ISPs Setup every package except that for aaa.117.77.217 should be
routed via the ppp0 (tcom) interface.
provider:
tcom 1 0x100 - ppp0 -
balance=2 -
netco 2 0x200 - eth4 aaa.117.77.217
balance=1 -
tcrules:
#alles über tcom:
0x100:P 0.0.0.0/0
0x100 $FW
#Meb via netco
0x200 - aaa.117.77.202
shorewall show ip:
3: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
inet aaa.117.77.218/29 brd aaa.117.77.223 scope global eth4
inet aaa.117.77.222/29 brd aaa.117.77.223 scope global secondary eth4:0
inet aaa.117.77.219/29 brd aaa.117.77.223 scope global secondary eth4:1
92: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast
state UNKNOWN qlen 3
inet bbb.152.162.192 peer 217.0.117.221/32 scope global ppp0
As far as I can see the routing via ppp0 is ok, but not so is the source IP.
It's switching between the ppp0 and the eth4 IP. And obviously there are no
answer packages for the aaa.117.77.218 sourced ones.
tshark -i ppp0:
0.473136 bbb.152.162.192 -> 141.76.2.4 TCP 68 43768 > http [ACK] Seq=2848
Ack=2262 Win=27392 Len=0 TSval=279996039 TSecr=2412064345
1.001138 aaa.117.77.218 -> 195.20.242.89 TCP 76 35771 > http [SYN] Seq=0
Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=279996171 TSecr=0 WS=64
What's wrong with the shorewall config?
Axel
--
Wir verwenden ausschließlich blaue Elektronen aus biologischem Anbau.
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
