On 7/9/19 9:27 AM, shorew...@iotti.biz wrote: > Hi all > > I have a Shorewall firewall with CentOS7 and shorewall-5.2.0.4, connected to > two ISPs. > For locally generated traffic, even if I mark all the firewall traffic with > on ISP mark, the traffic gets randomly or roud robin routed through one ISP, > ho the other. This leads to some difficulties: for example, with VPNs, I > have to lock them on a source address, but when a provider goes down, I have > to modify the vpn configs, where I would like only to change the mark value, > and refresh the rules. > Is there something I should do to make the MARK...$FW line in mangle work? >
No -- see http://www.shorewall.org/MultiISP.html#Local -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
