On 11/6/06, Ken D'Ambrosio <[EMAIL PROTECTED]> wrote: > Sorry for the somewhat contorted subject heading -- but it describes what > I'd like to do. I've got a T1 coming in, and a cable modem as backup in > case the T1 flakes out. The host I'm interested in tweaking sits on a > 10.x.x.x network -- it sees the T1 as 10.20.1.1 and the cable modem as > 10.20.1.133. I'd like it such that, when it receives a packet from the > NAT box on 10.20.1.1 or 10.20.1.133, it's smart enough to reply to the > same box that the packet came from. (That way, the external host doesn't > get pissed off.) After perusing iproute2 docs and Shorewall docs, I > *think* it's possible. Maybe. Add the "track" option to your /etc/shorewall/providers file: ISP1 1 1 main eth0 detect track,balance ISP2 2 2 main eth1 detect track,balance and you can add rules in /etc/tcrules to force traffic out one particular interface. Sites that keep track of your IP to keep you logged in get confused otherwise.
HTH, and that it's accurate >.> Will ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users