Re: [Shorewall-users] connecting from one provider to another

2019-11-07 Thread Vieri Di Paola
Hi,

Routing Rules

0: from all lookup local
1: from all fwmark 0x200/0x200 lookup Tproxy
220: from all lookup 220
999: from all lookup main
[...etc...]

Is it "safe" to insert routing rules with priorities between 221 and 998 for policy based routing? I need to add exceptions to th

Re: [Shorewall-users] connecting from one provider to another

2019-11-06 Thread Vieri Di Paola
On Tue, Nov 5, 2019 at 6:13 PM Tom Eastep wrote: > > No -- you can simply use 'ip route replace'. Oh, interesting. However, it's still not as versatile as "inserting" a new rule in whatever position (priority index) and then deleting it. I guess I might use some sort of placeholder here and t

Re: [Shorewall-users] connecting from one provider to another

2019-11-05 Thread Tom Eastep
On 11/5/19 3:18 AM, Rodrigo Araujo wrote: > Hi. > > Furthermore, if you do "shorewall disable " that > provider's routing rules are just removed, and when you know the > provider is OK again, you can just do the "enable" counterpart for them > to be put back in place. > > So I also find it more p

Re: [Shorewall-users] connecting from one provider to another

2019-11-05 Thread Tom Eastep
On 11/5/19 2:55 AM, Vieri Di Paola wrote: > Hi, > > On Mon, Nov 4, 2019 at 5:56 PM Tom Eastep wrote: >> >>> The advantage of using route rules is that I can use "priority blocks" >>> and insert a rule dynamically without the need to reload shorewall. >>> Static routes in the main table don't allo

Re: [Shorewall-users] connecting from one provider to another

2019-11-05 Thread Rodrigo Araujo
Hi. Furthermore, if you do "shorewall disable " that provider's routing rules are just removed, and when you know the provider is OK again, you can just do the "enable" counterpart for them to be put back in place. So I also find it more practical to use shorewall's rtrules for this (it's really w

Re: [Shorewall-users] connecting from one provider to another

2019-11-05 Thread Vieri Di Paola
Hi, On Mon, Nov 4, 2019 at 5:56 PM Tom Eastep wrote: > > > The advantage of using route rules is that I can use "priority blocks" > > and insert a rule dynamically without the need to reload shorewall. > > Static routes in the main table don't allow me to "insert" a route on > > the fly. I would

Re: [Shorewall-users] connecting from one provider to another

2019-11-04 Thread Tom Eastep
On 11/4/19 3:14 AM, Vieri Di Paola wrote: > Hi, > > On Thu, Oct 31, 2019 at 9:47 PM Tom Eastep wrote: >> >> You have a large number of routing rules with priorities >= 11000; >> trying to route to any of the networks referenced in those rules is >> not possible for packets that originate from

Re: [Shorewall-users] connecting from one provider to another

2019-11-04 Thread Vieri Di Paola
Hi, On Thu, Oct 31, 2019 at 9:47 PM Tom Eastep wrote: > > You have a large number of routing rules with priorities >= 11000; > trying to route to any of the networks referenced in those rules is > not possible for packets that originate from the another provider, > because the fwmark rules wit

Re: [Shorewall-users] connecting from one provider to another

2019-10-31 Thread Tom Eastep
On 10/31/19 6:41 AM, Vieri Di Paola wrote: > Hi, > > I am trying to access host with IP address 10.215.134.111 on port 443 > from host with IP address 10.215.144.92. > > The shorewall dump during the connection attempt is here: > https://drive.google.com/file/d/16-ajeHLOq_TxU_Y6Hs0g34KNR9QpFeGq/v

[Shorewall-users] connecting from one provider to another

2019-10-31 Thread Vieri Di Paola
Hi, I am trying to access host with IP address 10.215.134.111 on port 443 from host with IP address 10.215.144.92. The shorewall dump during the connection attempt is here: https://drive.google.com/file/d/16-ajeHLOq_TxU_Y6Hs0g34KNR9QpFeGq/view?usp=sharing I can see the requests coming into the F