search for: shorewall_and_routing

I know this is a FAQ and that it''s been discussed much before, I''m just looking for a few key things. I need to setup our gateway so that traffic FROM a range of IPs is sent out, masqueraded, via a new cable connection. I''m running 2.6.9. Am I going to require any of the CONNMARK patches or other patches from http://www.ssi.bg/~ja/#routes? I''m really not sure

...e gateway in /etc/shorewall/providers? I have in my scenario: eth0 dsl (static IP) eth1 cable (dhcp assigned IP) eth2 lan1 Is it possible to specify the gateway as a variable based on the current DHCP lease (like $eth0_gw)? I''m following the documentation at http://www.shorewall.net/Shorewall_and_Routing.html. -Scott

...Available IP range Match: Available Recent Match: Available Owner Match: Available Ipset Match: Not available ROUTE Target: Not available Extended MARK Target: Not available CONNMARK Target: Available Connmark Match: Available I have been following http://www.shorewall.net/Shorewall_and_Routing.html#id2452708 my providers looks like this: #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS INT1 1 1 main eth1 172.16.0.1 track,balance IP1 2 2 main eth2 172.16.0.2 track,balanc...

I''m having another little problem with my new firewall. I want outgoing port 25 from my mail server to appear on the address 65.223.121.227 so I created the file masq: eth2 192.168.124.18 65.223.121.227 tcp 25 eth1 eth5 eth1 eth3 eth1 eth4 eth1 == net0 == 209.189.103.196/27 eth2 == net1 == 65.223.121.237/28 eth3 == dmz0 eth4 == dmz1 eth5 == loc ==

Hi all, I have just upgraded to a new satellite internet provider. I have two network cards - one with a public IP connected to my satellite router, and the second network card with private IP into my switch for the LAN. Shorewall firewall My old satellite system is not being used. Would it be possible/feasable to install a third network card into my Fedora Core 2 server, and then direct all

Hi, In a routed network environment, without the router , we want to use the shorewall as the firewall/router. The ISP has assigned the following set of IP addresses. WAN IP for subnet 1 (DATA) 220.227.202.X/30 ( to be assigned to eth0 of the shorewall) WAN IP for subnet 2 (Voice) 220.227.202.Y/30 ( to be assigned to eth1 of the shorewall) Addresses assigned for Subnet 1 by

...multiple-ISP support. There is one external change to the version that has been in CVS for the last couple of days -- the ''default'' provider option has been named ''balance'' to better describe what the option does (load balancing). Please see http://shorewall.net/Shorewall_and_Routing.html for more information on the features in this release. New Features in version 2.3.2 1) Shorewall 2.3.2 includes support for multiple internet interfaces to different ISPs. The file /etc/shorewall/providers may be used to define the different providers. It can actually be used to de...

Hi, I just got a DSL line and want to make shorewall to route some traffic over the DSL and some over T1. Can I do it using shorewall? Thanks, Wahid Sharif Systems Administrator Placemark Investments Phone: 972-404-8100 x2032

Hello Shorewall users, I have some questions I am hoping someone can answer. I have searched around the archives but so far I have been unable to find answers. I am trying to configure traffic shaping on my router/firewall box running Shorewall 3.0.5/kernel 2.4.31 and have run into some problems/questions. My basic set up is: 1500/256kbit ADSL (PPPoE/ppp0) -> Shorewall box

Hi to everybody, I write because I have just configure a shorewall to be used as firewall, proxy(with squid) and gateway to 2 internet connections, and it looks to work properly but now I''d like to add a new feature: I would to redirect some specific traffic (emule''s one) only to one of those links. This is my diagram:

Hello Shorewall list, I''m a happy Shorewall user since a few years now and everything works fine for me except one thing that I try to implement since a week, the multi-isp. I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a week. My config is a Debian running a kernel 2.4.27 home made with the CONNMARK.diff patch applied I''m using 2 ISP,

Hello all. First of all, please be a bit indulgent to my poor English :-). Second, this message is "kinda" BIG, so if you don''t like BIG messages, simply don''t read it :-). I''ve read http://shorewall.net/2.0/Shorewall_and_Routing.html and http://shorewall.net/MultiISP.html, however I still a bit confused how to organize what I need :-). I''ve a simple "layout" like a lot of people here have: eth0 LAN (192.168.1.0/24) ------ Shorewall --- eth1 --- DSL --- SVR...

Having a problem with the 3 interface setup. I can get DMZ hosts, and FW to see internet, but anything on LOC interface is unable to get out. My first post to the list didn''t have the information needed, sorry for that, but thank you for pointing me to more resources. I''ve looked at the problem myself some more, but am still stuck. Shorewall Version: 2.2.1 ip addr show 1:

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is

...130.252.99.254 track,balance'' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# '' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# For additional information, see http://shorewall.net/Shorewall_and_Routing.html'' + read first rest + ''['' x############################################################################## = xINCLUDE '']'' + echo ''############################################################################## '' + read first rest + ...