Interesting - I may have a similar issue with the following (partial)
mangle file - there is other content in the file but nothing related to
this address:
MARK(25) 10.0.69.2 - tcp smtp
MARK(25) - 10.0.69.2 tcp smtp
MARK(80) 10.0.69.2 - tcp http,https
MARK(80) 10.0.69.2 - udp http,https
Either the mark (25) is not being consistently applied, or the rtrules
entry that depends on it isn't always respecting the mark:
10.0.69.2 - cem09 1280 25
The result is that the tcp connection gets sent part on one provider and
part on another which of course doesn't work. When I noticed it I didn't
have time to diagnose properly so I found a bypass (rtrules 10.0.69.2 -
cem09 1281) that doesn't depend on the mark but that isn't a good solution.
If I get time I will do another dump, but maybe your case will lead to a
solution before that :)
- Norm
On Wed, Sep 27, 2017 at 2:00 PM, Vieri Di Paola via Shorewall-users <
[email protected]> wrote:
> Hi again,
>
> It seems that I'm getting mixed results. According to the dump I'm posting
> in the link below, shouldn't a host accessing 193.104.0.136 on port 443 go
> out provider marked as 3?
>
> The dump was taken while trying to open https site at 193.104.0.136 from
> 10.215.144.48.
>
> https://drive.google.com/open?id=0B-tpkY1LkI67X0FzWnRMSFRYd1E
>
> I had mixed results. Sometimes traffic is going out provider 3, and at
> times it's going out another provider.
>
> So my previous posts are probably "wrong" in that the netmask has nothing
> to do with the issue I'm seeing.
>
> Even if I balance traffic in the providers file, I require traffic to
> 193.104.0.136 to *always* go out provider 3.
>
> Regards,
>
> Vieri
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
