On 3/11/2014 1:46 PM, Jeremy Lowery wrote: > Hello. > > I've never posted to this ml before, so just wanted to say thanks for > Shorewall. It's been great been using it for years. > > This server has two ISP's on different NIC's. I only really care about > responding to traffic out the same address that it originates from. I > accomplish this using two ip route tables and some ip rules. (The same > way as described > here: http://lartc.org/howto/lartc.rpdb.multiple-links.html). > > This has worked great for a long time, but I recently ugraded from > shorewall 4.4.6 to 4.4.26 (by means of Ubuntu LTS upgrade). Now none of > the firewall rules match the secondary interface in shorewall so I > cannot serve any services on it. Is there any easy fix here, or am I > going to have to change a bit of Shorewall configuration to keep using it? > > I've scoured this link here: http://shorewall.net/MultiISP.html Looks > like a new "provider" file is to be given. If I have rto econfigure the > server as specified, will this do away with my old ip route script? > > A very strange behavior of the system now is that the secondary public > ip address cannot be pinged from anywhere besides the local public > network when shorewall is turned on. So it's like disabling traffic out > the secondary gateway perhaps? >
Please post the output of 'shorewall dump' (with Shorewall started) as a compressed attachment. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
