similar to: issues in tcrules

Hello Shorewall list, I''m a happy Shorewall user since a few years now and everything works fine for me except one thing that I try to implement since a week, the multi-isp. I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a week. My config is a Debian running a kernel 2.4.27 home made with the CONNMARK.diff patch applied I''m using 2 ISP,

Hi, I have a little problem to setup iproute in my network It looks like this: ---- ----- ------ R1 R2 R3 ---- ----- ------ | | | | | | ------------------------------- ETH1 ETH2 ETH3 ETH0 ETH4 -------------> DMZ ------------------------------ | |

I tried to the new GATEWAY option in /etc/shorewal/interfaces file but it didnt work. My network setting consists of 2 ISPs line and i would like to have eth0 to connect to for example, 192.168.15.254 while eth1 connected to 192.168.33.254. I restarted shorewall and nothing is wrong. However, the traffic still goes to the default gateway as shown in "route -n" command. For example, i

Hi there. Currently, our network design has two ISP lines and 3 subnets for LAN. Below are some details :- eth0 - isp1 eth1 - isp2 eth2 - subnet1 eth3 - subnet2 eth4 - subnet3 What i wanted to do is to assign incoming port 80 to our local squid server running on the firewall itself and assigned it to eth0(ISP1). I think it shouldnt be a problem as /etc/shorewall/rules provides a sample of the

Hi all, I have a client that has 4 subnets within his building, internet, office, business center and wireless. My plan is to use Shorewall but I have never tested it with more than 2 interfaces. Is this possible? Would there be any issues that might arise. Each subnet would have access to the internet but there will be no communications allowed between the others. Thanks in advance....

Hi, i have a question if linux is able to do the same thing that commercial wan simulators do (which cost 7000 $ or more). Basicly i want to use the following setup. Linux Router Machine 192.168.0.1 192.168.1.1 Eth0 192.168.10.1 Eth5 192.168.2.1 Eth1 192.168.100.1 WEB Server. 192.168.3.1 Eth2

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 ------- We haven't seen this

Hi all, I have one bridge system (used for controlling bandwidth) connected to three different DSL ISP provider. I have the following setup below: - +-------------+ | br0 | | -> eth1 | -> DSL_1 | -> eth2 | +-------------+ | br1 | | -> eth3 | -> DSL_2 | -> eth4 | +-------------+ | br2 | | -> eth5

Hello newsgroup, I hope somebody with more routing experience then me can help me with the problem I have. The setup is as described below. A dual internet provider routing, multiple local area networks, and a dmz network with one public and one private ip range. I followed the instructions at lartc.org, and so far everything is working. The default route is via

I''ve got a linux machine (fedora core 3) with 4 network cards. I looked at the howto and the only example that is close to what I need to do is section 4.2 on multiple uplink providers. I feel like I''m so close but just can''t get my head around the final part. Here is what I have eth2 and eth4 connect to 2 different isps. I want all connections the come from my dmz

Hi, I have a linux router with 4 ethernet cards; eth0 through eth3. Basically, all I want to do is route all traffic from eth2 to eth0, and all traffic from eth1 to eth3. I''ve looked through the LARTC how-to, specifically at chapter 4, about multiple providers. However, I am still a bit confused, and not sure how to set up my routing tables, as my scenario differs from the one in the

The current thread on the User''s List entitled "Multi-ISP in 2.4.0" includes the following tcrules file: ############################################################################ ## #MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST # PORT(S) 201:P eth2 ppp1

Hi, I''m a long time shorewall user and I like it very much. There is only one thing were I''m not always happy with: the config files. There has been discussion on the list about the comments in the files. My concern is that I loose overview over my configuration because of the many config files. Of course there are advantages too but I thinking wether another config format would

All, I've got a machine running CentOS 5.3 and this machine has got 2 - built-in 1 Gig NICs and a expansion card with 4 - 100 Meg NICs. For whatever reason at install time, it made the expansion card eth0 through eth3 and the internal ports eth4 and eth5. And by default the 'machine' is known on the network by the eth0 NIC, so my throughput is limited to 100 Mb. How can I force

Hello, I''m new to Xen (and this mailing-list) and facing some problems with the network. I''m stuck and don''t know how to continue. And Google isn''t very helpful either... My setup: - Ubuntu 7.10 for dom0 and Debian 4.0 for all domU - 4 physical NIC (DHCP from my ISP, internal LAN, DMZ & WLAN) - 1 Dom as firewall/router - 1 domU with internal services

Hi There, I have a bit of an odd issue. I am testing Xen 3.0.2 on a machine before fully migrating to it from 2.0.7. The host OS is Ubuntu 6.06, and I am running the pre-compiled Xen code (kernel, tools) from the Xen site. I have two NICs, both if which I amhidung from Dom0 via the ''pciback.hide'' grub entry. I am have the bridges setup in the

Hi, I met a problem when using bridge with netfilter. The kernel version 2.4.20, and the patch is bridge-nf-0.0.10-against-2.4.20.diff. Our firewall configuration is as follows, eth3,eth4,eth5,eth6 configured as a bridge with an IP address 10.0.0.1. The local net connect to the internet via the gateway 10.0.0.1 and SNAT is applied on the firewall. It worked but sometimes there are some

Ok here are all the information the website said I should include first: [root@residents root]# shorewall version 1.4.8 [root@residents root]# ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

I have been studying Tom''s configuration at: http://www.shorewall.net/myfiles.htm -and- http://www.shorewall.net/NAT.htm I am using SBC as an ISP and also have 5 "real" IP addresses and because of other issues, have to re-do my set-up. If I have a block at .120/29 assigned to me, what SBC does is give you 5 usable addresses, in my case .121 is the SBC modem/router and