Haim Ashkenazi
2003-Jul-30 01:15 UTC
[Shorewall-users] how to combine special routing with shorewall
Hi I''m not subscribed to this mailing list so please CC your answers to me (although I''m monitoring it through the archive). Here''s the question: I have a computer with 2 connections to the internet (adsl and frame-relay), 2 dmz''s and a localnet. the default gateway is the adsl, but I want connections that come through the frame-relay to be answered through it, so I''ve read the advanced routing howto and configured it with "ip" (adding another routing table etc...). my question is where to put this routing commands so it will work after shorewall comes up. I didn''t have time to really test it, but after manually configuring the routing and starting shorewall, it didn''t work. do I have to put the routing commands in ''/etc/shorewall/start''? my shorewall is 1.46 and my iptables is 1.26a. thanx -- Haim
Tom Eastep
2003-Jul-30 06:32 UTC
[Shorewall-users] how to combine special routing with shorewall
On Wed, 2003-07-30 at 01:14, Haim Ashkenazi wrote:> Hi > > I''m not subscribed to this mailing list so please CC your answers to me > (although I''m monitoring it through the archive). > Here''s the question: I have a computer with 2 connections to the internet > (adsl and frame-relay), 2 dmz''s and a localnet. the default gateway is the > adsl, but I want connections that come through the frame-relay to be answered > through it, so I''ve read the advanced routing howto and configured it with > "ip" (adding another routing table etc...). my question is where to put this > routing commands so it will work after shorewall comes up. I didn''t have time > to really test it, but after manually configuring the routing and starting > shorewall, it didn''t work. do I have to put the routing commands in > ''/etc/shorewall/start''?I wouldn''t -- they will get executed each time that you do a "shorewall restart" which isn''t what you want. I would have them executed as part of starting up my network (/etc/init.d/network) OR I would create /etc/init.d/routing and have that run after my network was started but before Shorewall starts. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net