Hi,

I'm trying to clear up my mangle configuration regarding packet
marking because it doesn't seem to be working quite as I expect it to.

My LAN host at 10.215.144.48 is accessing the Internet via a shorewall
gateway with a MARK(1) action. Provider 1 (mark 1) is supposed to be
accessed through interface ppp1.

I put the following line both at the top and bottom of the mangle file
(just in case):

MARK(1)         10.215.144.48   0.0.0.0/0       all

After reloading I tried to access https://www.iplocation.net/ from the
LAN host at 10.215.144.48.
However, I could not read ppp1's public IP address but that of ppp2 (I
cleared the client browser's cache).
In fact, I could run tcpdump on the shorewall gateway to see how the
traffic was flowing through ppp2 instead of ppp1:
# tcpdump -n -i ppp2 host 107.154.118.114
IP 79.148.120.225.62087 > 107.154.118.114.443: Flags [P.], seq 3281967082:3281967487, ack 1044905512, win 260, length 405

I know there's the following action in between:
MARK(2):P       10.215.144.0/23,10.215.246.0/23,10.215.248.0/24
However, I take it the other should prevail.

The shorewall dump while connecting from 10.215.144.48 to
107.154.118.114:443 through ppp2 instead of ppp1 is here:
https://drive.google.com/file/d/1SfWqdLPz2zbdJnRcBzN5K94qYChGz_F3/view?usp=sharing

Any ideas?

Vieri


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
