Shorewall users - Apr 2005 - shorewall, multiple internet connections and emule

Hi to everybody, I write because I have just configure a shorewall 
to be used as firewall, proxy(with squid) and gateway to 2 internet 
connections, and it looks to work properly but now I''d like to add a
new
feature: I would to redirect some specific traffic (emule''s one) only
to
one of those links.
This is my diagram:

                                                                       
            --> router1 192.168.1.1
LAN --> (192.168.2.1)SHOREWALL(192.168.1.10)|
                                                                       
            --> router2 192.168.1.11
Here you are all the information I think could be necessary:
shorewall version
2.0.8

ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:11:43:cd:d8:d0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::211:43ff:fecd:d8d0/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:11:43:cd:d8:d1 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0e:0c:6d:54:97 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/24 brd 192.168.2.255 scope global eth2
    inet6 fe80::20e:cff:fe6d:5497/64 scope link
       valid_lft forever preferred_lft forever
5: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

ip route show
192.168.2.0/24 dev eth2  proto kernel  scope link  src 192.168.2.1
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.10
10.10.0.0/16 dev eth2  scope link
127.0.0.0/8 dev lo  scope link
default proto static
nexthop via 192.168.1.1  dev eth0
nexthop via 192.168.1.11  dev eth0


 I have this shorewall''s conf:
       interfaces:
          net     eth0            detect
          loc     eth2            detect


        masq:
          eth0                    eth2

     I have read this 
http://www.shorewall.net/shorewall_setup_guide.htm#dnat so I think it 
would be enough if I add these rules:
            DNAT         loc           net:192.168.1.11      tcp    4661
            DNAT         loc           net:192.168.1.11      tcp    4662
            DNAT         loc           net:192.168.1.11      udp    4665
            DNAT         loc           net:192.168.1.11      udp    4672

    What do you think? Any suggestion?
   

-- 
Un Saludo.
Javier Ramirez Molina
Departamento Ingeniera Scancom
jramirez@scancom.es
Telefono: 952486557

Javier Ramirez wrote:
>    Hi to everybody, I write because I have just configure a shorewall to
> be used as firewall, proxy(with squid) and gateway to 2 internet
> connections, and it looks to work properly but now I''d like to add
a new
> feature: I would to redirect some specific traffic (emule''s one)
only to
> one of those links.
> 
This is a policy routing problem, not a firewall problem -- see
http://shorewall.net/Shorewall_and_Routing.html

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key