Displaying 17 results from an estimated 17 matches for "route_rul".
Did you mean:
route_rule
2007 Dec 14
1
route_rules redirection not working
hi,
I am running shorewall 3.2.9 on Mandriva2007 with 2 ISPs. Certain
local IPs are directed to a specific ISP in route_rules, and this was
working perfectly. I had to reinstall Mandriva, and after that this
redirection is not working. My files are:
masq:
eth1 192.168.10.3 202.71.146.210
eth2 202.71.146.210 192.168.10.3
eth1 eth0 202.71.146.210
eth2 eth0 192.168.10.3
interfaces:
net eth1 detect
ne...
2012 Sep 28
1
nat & providers & route_rules questions
...me an ip range (cloud computing hooray).
If I understand it correctly just doing one-to-one nat will not work, as
the default gateway changes for every ip. so i need do add a providers
entry for every ip with the correct gateway.
Will this work with one-to-one nat? Do I need to add entries in
route_rules file to get the traffic right or is the providers entry
enough?
Thanks for any hints!
- Thomas
------------------------------------------------------------------------------
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDyn...
2008 Oct 24
6
routing packet from/to source/destination
Hi all and specially Mr. Tom....
(Please, do not be acid with me please! I am only a newbie, trying learn
more about shorewall)
I get involved with a Firewall Project in a customer here in my city...
In this customer, he has two Internet Providers.
So, he ask me how make certain connection following one routing path (like
RT_1) and others connections type, following the other routing path
2008 Sep 23
3
Outgoing service always on a certain external address
Hi,
Shorewall version -4.0.12-2 (EL5 rpm version)
OS : Centos 5.2
I have shorewall successfully running on Linux with multi ISP.
Trying to make services such as "rsync, ftp" go through my secondary
ISP. For which I did the following
eth0 : Internal LAN
eth4 : DSL (Second ISP) => x.x
eth5 : T1 (First ISP) => y.y
Created the following entries in
2012 Feb 19
3
Shore wall and multi ISPs and ip addresses
Hi All!
I only ever have complex setups.
Customer site has a dedicated leased line from their ISP terminating on a
Cisco router. Router is configuered with the first usable address on a /28
network - 196.x.y.73. The linux firewall is configured with the remaining 5
ip''s, 196.x.y.74 to 196.x.y.78 and 79 as the broadcast. Sounds normal but here
is the twist. The primary or first ip
2012 Jun 13
3
Default Route disappear
...- eth1:192.168.254.5
192.168.254.1 track,loose,balance -
sg 2 2 - eth1:192.168.254.5
192.168.254.3 track,loose -
act 3 3 - eth1:192.168.254.5
192.168.254.4 track,loose -
root@TestServer:/etc/shorewall# cat route_rules
#
# Shorewall version 4 - route_rules File
#
# For information about entries in this file, type "man
shorewall-route_rules"
#
# For additional information, see http://www.shorewall.net/MultiISP.html
############################################################################
########
#S...
2011 Jan 10
12
Multi-provider halp
Hi to the list,
I configured a multi-provider setup with /etc/shorewall/providers:
Orange 1 1 main eth1 81.255.74.150
track,balance=1 eth0
Free 2 2 main eth2 88.180.116.254
track,balance=3 eth0
and /etc/shorewall/tcrules:
2:P 192.168.2.0/24 0.0.0.0/0
tcp 143
2:P 192.168.2.0/24
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
...ce again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The route_rules file has been renamed to ''rtrules''. The Shorewall
and Shorewall6 installers will perform the rename on an existing
file.
If both files exist, route_rules will be processed and rtrules
will be ignored.
2) Run-time address variables (e.g., ð0) may now be...
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
...ce again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The route_rules file has been renamed to ''rtrules''. The Shorewall
and Shorewall6 installers will perform the rename on an existing
file.
If both files exist, route_rules will be processed and rtrules
will be ignored.
2) Run-time address variables (e.g., ð0) may now be...
2012 Jan 19
3
Problema link balance and internet bank
...ank. I have 2 Internet links balancing
mode, thus the bank is charging connection down. I tried to force Internet
traffic (port 80 and 443) for only a link, however it did not work.
How do I make a setting to force the connection to these ports for a
specific link.
Note: I can not use the file as route_rules have neither the source IP (ltsp)
nor of disabling (changes from time to time)
Here conf
#providers
linkoi 1 - main eth6 201.89.0.1
track,balance=1
linkrntw 2 - main eth4 189.36.0.2
track,balance=10
#tcrules
2:T 172.16.11....
2006 Dec 28
0
Shorewall 3.4.0 Beta 1
...make it easier from users to upgrade from one release to the next
since the configuration files will only change when a column is added
or renamed.
4) Shorewall now remembers the changes that it has made to routing as a result
of entries in /etc/shorewall/providers and /etc/shorewall/route_rules and
reverses those changes when appropriate.
Happy Beta Testing,
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
------...
2010 Mar 03
5
Applications running on the Firewall (MultiISP)
...eth0 detect
net eth1 detect dhcp
net eth2 detect dhcp,logmartians=0
providers:
ISP! 1 1 main eth1 isp1_gw track,balance eth0
ISP2 2 2 main eth2 isp2_gw track,balance eth0
route_rules:
eth1 - ISP1 1000
eth2 - ISP2 1000
tcrules:
1:P 0.0.0.0/0
1 $FW
2:P 192.168.0.0/24 0.0.0.0/0 tcp 10050,10051,10052,10053,10054
The problem is that some DNS requests, ssh connections from fir...
2010 Jan 21
6
Shorewall 4.4.6 and Multiple ISP with 2 routed subnets
...DUPLICATE INTERFACE GATEWAY OPTIONS COPY
ISP1 1 1 main eth0 217.100.100.254 track,balance eth1
ISP2 2 2 main eth2 213.132.100.254 track,balance eth3
route_rules:
#SOURCE DEST PROVIDER PRIORITY
eth0 - ISP1 1000
eth2 - ISP2 1000
tcfilters:
#INTERFACE: SOURCE DEST PROTO DEST SOURCE TO...
2010 May 04
7
Packet Not 100% Received
I have problem with my shorewall. We are now doing some stress test with a http application behind the shorewall. Firstly we send 10.000 requests to a http based application with no firewall. It can received 100% requests. But when we put shorewall in front of it then it stats to loose requests. Is there any packet limitation from shorewall all it''s about conntrack? Thanks for the reply.
2012 Feb 12
7
Shorewall 4.5.0
...prog.header and
/usr/share/shorewall/prog.header6 are now in a new library -
lib.core. The files /usr/share/shorewall/prog.footer is now used
for both IPv4 and IPv6.
6) Run-time address variables (e.g., ð0) may now be used in the
SOURCE column of the rtrules files.
7) The route_rules file has been renamed to ''rtrules''. The Shorewall
and Shorewall6 installers will perform the rename on an existing
file.
If both files exist, route_rules will be processed and rtrules
will be ignored with a warning.
8) A ''PROBABILITY'' column...
2008 Nov 01
8
OpenVZ & shorewall. Did'nt work acl based on ip range.
Hello all,
It''s my first letter on this list, and, my English is not very well.
Please take me indulgence
for grammar/syntax and over erorrs :))
I have trouble for acl''s of ip range. But, acl for one host (with ip
adress) work fine.
Please help me for make work acl/find erorr in acl.
Becouse I''m new shorewall user, I maked test configuration on Virtual
Mashine
2007 Feb 09
26
transient "martian source ..." errors
Hi All,
As you probably all know :-) I''m trying to do the multi-isp thing. I''ve
resolved my last issue with the route_rules as suggested by Tom and
Jerry suggested.
Lately I have been seeing "transient" (I say transient because the
problem will persist for a while and then magically clear itself up some
number of minutes later) situations where my gateway will log:
Feb 9 17:23:45 gw.ilinx kernel: martian...