Hi, I'm having trouble with my new multi-ISP setup with 3 pppoe links to my internet providers. I have no previous knowledge of the IP addresses the providers will assign nor the gateway I should use. It's automatically configured when dialing in with ppp.
So in my shorewall config I have the following: # cat params IF_LAN=enp10s0 IF_DMZ=enp5s0 IF_ISP1=ppp1 IF_ISP2=ppp2 IF_ISP3=ppp3 IF_ISP1_IP=detect IF_ISP2_IP=detect IF_ISP3_IP=detect IF_ISP1_GW=- IF_ISP2_GW=- IF_ISP3_GW=- IF_LAN_MASQ_ADDRESS=10.215.144.92 IF_LAN_MASQ_SOURCE=172.16.0.2 Now, the trouble I have is trying to set up masquerading. If this is the content of my snat file: SNAT($IF_ISP3_IP) 0.0.0.0/0 $IF_ISP3 SNAT($IF_ISP2_IP) 0.0.0.0/0 $IF_ISP2 SNAT($IF_ISP1_IP) 0.0.0.0/0 $IF_ISP1 SNAT($IF_ISP3_IP) $IF_LAN $IF_ISP3 SNAT($IF_ISP2_IP) $IF_LAN $IF_ISP2 SNAT($IF_ISP1_IP) $IF_LAN $IF_ISP1 SNAT($IF_ISP3_IP) $IF_DMZ $IF_ISP3 SNAT($IF_ISP2_IP) $IF_DMZ $IF_ISP2 SNAT($IF_ISP1_IP) $IF_DMZ $IF_ISP1 SNAT($IF_LAN_MASQ_ADDRESS) $IF_LAN_MASQ_SOURCE $IF_LAN then this is shorewall's error message at startup: /var/lib/shorewall/.start: line 3126: syntax error near unexpected token `fi' /var/lib/shorewall/.start: line 3126: ` fi' * ERROR: shorewall failed to start The .start script seems to have an empty "if" clause, hence the error. # cat providers ISP1 1 1 - $IF_ISP1 $IF_ISP1_GW track,balance=3,persistent ISP2 2 2 - $IF_ISP2 $IF_ISP2_GW track,balance=2,persistent ISP3 3 3 - $IF_ISP3 $IF_ISP3_GW track,balance=1,persistent I'm sorry I couldn't grab all the info required as described in http://shorewall.org/support.htm, but I had to put the system back up in production with another configuration. As soon as I can I will try to get a trace. In the meantime, maybe someone here can already suggest I try something as it must surely be a dumb configuration error on my behalf. Thanks, Vieri _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
