Am 09.10.2012 01:21, schrieb Tom Eastep: > On 10/8/12 12:55 PM, "Edy Corak" <[email protected]> wrote: > >> >Hi, >> > >> >I'm using IPSEC in a multi-ISP configuration, >> >lsm 0.131, Kernel 2.6.32, ipsec-tools 0.8.0 >> > >> >This worked fine with Shorewall/Shorewall-Lite 4.5.7. >> > >> >After updating Shorewall to 4.5.8 the routing of ESP packets doesn't work. >> > >> >If I change the Providers.pm file and add connmark => "! --mark >> >0/$mask" like before in Shorewall 4.5.7 than everything works fine. >> > >> >add_ijump $mangle_table->{$_} , j => 'CONNMARK', targetopts => >> >"--restore-mark --mask $mask", connmark => "! --mark >> >0/$mask" for qw/PREROUTING OUTPUT/; >> > >> >Thank you very much for your help and time. > What is your setting of USE_DEFAULT_RT? > > Thanks, > -Tom > You do not need a parachute to skydive. You only need a parachute to > skydive twice.
USE_DEFAULT_RT=No Thanks Edy
smime.p7s
Description: S/MIME Kryptografische Unterschrift
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
