This is my config Shorewall shorewall-3.0.2-1 iptables iptables-1.2.9-7.1.101mdk this is my /etc/shorewall/providers ISP1 1 1 main eth1 195.xxx.xxx.xxx track,balance ISP2 2 2 main eth2 212.xxx.xxx.xxx track,balance this is the error Default route nexthop via 195.xxx.xxx.xxx dev eth1 weight 1 nexthop via 212.xxx.xxx.xxx dev eth2 weight 1 Added. iptables v1.2.9: Unknown arg `--mask'' Try `iptables -h'' or ''iptables --help'' for more information. ERROR: Command "/sbin/iptables -t mangle -A routemark -m mark ! --mark 0 -j CONNMARK --save-mark --mask 255" Failed Any ideas When i comment out ISP1 and ISP2 lines everything works fine,but no multiple ISP.s ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
Think your missing support in your kernel and /or iptables, what does /sbin/shorewall show capabilities output? In order to use the providers file you need to have: CONNMARK Target: Available Connmark Match: Available Jerry ----- Original Message ----- From: "Tanoviæ Branko" <tanovic@bitsyu.net> To: <shorewall-users@lists.sourceforge.net> Sent: Monday, December 05, 2005 05:50 Subject: [Shorewall-users] I got error Mandriva 10.1 + Multiple ISP Config> This is my config > > Shorewall shorewall-3.0.2-1 > iptables iptables-1.2.9-7.1.101mdk > > this is my > /etc/shorewall/providers > > ISP1 1 1 main eth1 195.xxx.xxx.xxx > track,balance > ISP2 2 2 main eth2 212.xxx.xxx.xxx track,balance > > this is the error > > Default route nexthop via 195.xxx.xxx.xxx dev eth1 weight 1 nexthop > via 212.xxx.xxx.xxx dev eth2 weight 1 Added. > iptables v1.2.9: Unknown arg `--mask'' > Try `iptables -h'' or ''iptables --help'' for more information. > ERROR: Command "/sbin/iptables -t mangle -A routemark -m mark ! > --mark 0 -j CONNMARK --save-mark --mask 255" Failed > > Any ideas > When i comment out ISP1 and ISP2 lines everything works fine,but no > multiple ISP.s > > > >------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
as usual, remove the mandriva version of iptables and install source package from netfilter.org. On 12/5/05, Tanović Branko <tanovic@bitsyu.net> wrote:> > This is my config > > Shorewall shorewall-3.0.2-1 > iptables iptables-1.2.9-7.1.101mdk > > this is my > /etc/shorewall/providers > > ISP1 1 1 main eth1 195.xxx.xxx.xxx > track,balance > ISP2 2 2 main eth2 212.xxx.xxx.xxx track,balance > > this is the error > > Default route nexthop via 195.xxx.xxx.xxx dev eth1 weight 1 nexthop > via 212.xxx.xxx.xxx dev eth2 weight 1 Added. > iptables v1.2.9: Unknown arg `--mask' > Try `iptables -h' or 'iptables --help' for more information. > ERROR: Command "/sbin/iptables -t mangle -A routemark -m mark ! > --mark 0 -j CONNMARK --save-mark --mask 255" Failed > > Any ideas > When i comment out ISP1 and ISP2 lines everything works fine,but no > multiple ISP.s > > > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >-- Regards, Wong Chee Chun Network Engineer Softmy Co. Ltd (http://www.softmy.com)