Alexandr Seidl (orange & green solutions)
2003-Oct-08 14:25 UTC
[Shorewall-users] config help
helo,
Ihave network which folow configuration:
ad I have question, how can I config shorewall to work it fine
ISP1 ISP2
| |
| |
--------------
| eth1 eth2|
| IP1 IP2|
| shorewall |
| firewal |
| eth0 |
---------------
|
|
|
SERVER
probles is: SERVER have LOC 192.168.0.1 IP and i must configure firewal
to forward al trafic from ISP1 to SERVER and from ISP2 also to SERVER
requirement is that paket must go back via right ISP, when connection
arrive from ISP1 paket must go back via ISP1.
--
Alexandr Seidl
oddeleni v?voje
orange & green solutions
Nygrinova 268
562 01 ?st? nad Orlic?
mailto:seidl@og.cz
tel: +420 465526901
mobil:+420 732836639
On Wed, 2003-10-08 at 14:25, Alexandr Seidl (orange & green solutions) wrote:> helo, > Ihave network which folow configuration: > ad I have question, how can I config shorewall to work it fine > > > ISP1 ISP2 > | | > | | > -------------- > | eth1 eth2| > | IP1 IP2| > | shorewall | > | firewal | > | eth0 | > --------------- > | > | > | > SERVER > > probles is: SERVER have LOC 192.168.0.1 IP and i must configure firewal > to forward al trafic from ISP1 to SERVER and from ISP2 also to SERVER > requirement is that paket must go back via right ISP, when connection > arrive from ISP1 paket must go back via ISP1.This is not really a Shorewall configuration issue. In Shorewall, you simply declare both eth1 and eth2 to be ''net'' interfaces (in /etc/shorewall/interfaces) and you masquerade the local net through both of those interfaces in /etc/shorewall/masq. For setting up the routing, you need to see section 4.2.1 in the LARTC HOWTO (link available from the Shorewall "Useful Links" page). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net