Lux wrote: > > Ok but we could handle it correctly just now, and with small effort: as I > supposed in my original posting, I found that the problem is solved if I am > able to masq some traffic based on the presence of some mark value. So I > wrote a very small patch for Shorewall 3.2.9 that does exactly that thing: > add a mark column to the masq file, and add some logic to Shorewall to > handle this. > > With the masq patch, my problem was solved by putting in the masq file > something like: > eth0 11.11.111.186 22.222.222.218 - - - 2 > eth0 22.222.222.218 11.11.111.186 - - - 1 > > I also wrote patches to do analogous thing in the accounting, tos and rules > file. Surely I find these not essential as the masq one is for me, but I > found them useful: if someone marks some traffic, than it's likely he wants > to let it pass through the firewall too. So he can keep his config files > smaller. > I'd like if someone accustomed with Shorewall code could review them. You > can find them attached to the message.
Thanks for the patches. Unfortunately, 3.2.9 will be the last 3.2 release (except for bug fixes) because Shorewall 3.4.0 will be released shortly. Once 3.4.0 is out, I'll look at modifying the patches for the 3.4 release. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
