> Your configuration has USE_DEFAULT_RT=Yes; from > http://www.shorewall.org/manpages/shorewall-interfaces.html > > Note > > There are certain cases where routefilter cannot be used on an interface: > > If USE_DEFAULT_RT=Yes in shorewall.conf(5) and the interface is listed > in shorewall-providers(5). <================== > > If there is an entry for the interface in shorewall-providers(5) that > doesn't specify the balance option. > > If IPSEC is used to allow a road-warrior to have a local address, then > any interface through which the road-warrior might connect cannot > specify routefilter. > > This is the cause of your martians.
USE_DEFAULT_RT=No No more martians. Thanks a lot! (I'm awaiting packets from jupiter by now. (With black monoliths inside, of course.) :) ) And until now the openvpn tunnels reestablish as intended. As far as I understand I can use rpfilter on my extrernal interfaces, can't I? Axel -- Wir verwenden ausschließlich blaue Elektronen aus biologischem Anbau. ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
