On 3/9/2015 9:07 AM, Marcello Giordano wrote:
> Hi all,
> 
> I have a multi-isp in which one provider is my regular connection (on
> eth0) and the other is a vpn connection (using openvpn on tun0).
> 
> I wrote a rule in the mangle file to mark all packets from a specific
> user to be routed automatically through the vpn, while the rest of the
> traffic goes through eth0.
> 
> Everything works fine, until the vpn connection is restarted (after an
> inactivity timeout for example). The packets for the specific vpn user
> are still being marked, but they are not routed through the correct tun0
> interface anymore.
> 
> Dump file attached,
> anything I am doing wrong?

You need to be running a link monitor like LSM. When the VPN goes down,
the VPN routing table is erased. For this simple case, you could also
install and configure Shorewall-init. You will want a very recent
version of Shorewall-init, as there have been a number of important
recent fixes.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
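
The failure described in this thread, as an added example that is not part of either message and is not Shorewall or LSM code: when tun0 goes away its routes are removed, the fwmark rule remains, and marked packets fall through to the main table and leave via eth0. The sketch below shows the kind of check a link monitor makes; the table name `vpn`, the mark `0x2` and all addresses are constructed assumptions, not values from the poster's dump.

```shell
#!/bin/sh
# Constructed sample output in the format of `ip rule show` and
# `ip route show table vpn`; names, marks and addresses are assumptions.
RULES_SAMPLE='0: from all lookup local
10001: from all fwmark 0x2/0xff lookup vpn
32766: from all lookup main
32767: from all lookup default'
TABLE_UP='default via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 scope link'
TABLE_DOWN=''   # what the table looks like after the tunnel has dropped

# marked_table RULES MARK: print the routing table that the rule for MARK selects.
marked_table() {
    printf '%s\n' "$1" | awk -v m="$2" '
        {
            for (i = 1; i < NF; i++) {
                if ($i != "fwmark") continue
                split($(i + 1), a, "/")            # "0x2/0xff" -> mark, mask
                if ((a[1] "") != (m "")) continue  # compare as strings
                for (j = i; j < NF; j++)
                    if ($j == "lookup") { print $(j + 1); exit }
            }
        }'
}

# has_default_via TABLE_TEXT DEV: succeed if the table has a default route out DEV.
has_default_via() {
    printf '%s\n' "$1" | awk -v d="$2" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == d) found = 1
        }
        END { exit !found }'
}

# route_state RULES TABLE_TEXT MARK DEV: print one of
#   ok          - marked traffic has a default route through DEV
#   fallthrough - rule exists but the table lost its route; traffic uses main
#   no-rule     - no fwmark rule for MARK at all
route_state() {
    tbl=$(marked_table "$1" "$3")
    [ -n "$tbl" ] || { echo "no-rule"; return; }
    if has_default_via "$2" "$4"; then echo "ok"; else echo "fallthrough"; fi
}

# Live use (assumed names):
#   route_state "$(ip rule show)" "$(ip route show table vpn)" 0x2 tun0
```

A `fallthrough` result is the state in which the routes have to be reinstalled after the tunnel returns, which is the job the reply assigns to a link monitor or Shorewall-init.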
