Working at building new firewalls.
My old firewalls used shorewall 2.2.3 and I am setting up shorewall 4 now.
Trying to use the new features.

The documentation states that there is no provision to do automatic failover of internet providers in case of failures.

In my old setup I just had scripts to replace my default route.

Like this:
ip rule delete prio 222 table 222
ip rule add prio 222 table 222
ip route add default table 222 proto static \
  nexthop via 69.128.2.137 dev eth1 weight 1 \
  nexthop via 205.196.135.26  dev eth2 weight 3
# flush routes
ip route flush cache

For just eth1:
ip rule delete prio 222 table 222
ip rule add prio 222 table 222
ip route add default table 222 proto static \
  nexthop via 69.128.2.137 dev eth1
# flush routes
ip route flush cache

Never did really automate it, but it was easy to stop using the failed provider.

I could still force a ping out of it for testing.

What is the best way to change the routing without messing up shorewall?

John
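
The two hand-run scripts in the message above, folded into one generator that builds the table 222 default route from whichever providers pass a health check. This is an added example, not part of the original post and not Shorewall's own code; the gateways, devices and weights are the ones quoted in the post, while the ping-based check, the function names and the use of "ip route replace" are assumptions made here.

```shell
#!/bin/sh
# Added example: regenerate the default route in table 222 from whichever
# providers are currently reachable. Gateways, devices and weights are the
# ones in the post; everything else is an assumption.
PROVIDERS='69.128.2.137 eth1 1
205.196.135.26 eth2 3'
TABLE=222
PRIO=222

# Assumed health check: the provider counts as up if its gateway answers
# one ping sent out of that provider's own interface.
gateway_up() {   # $1 = gateway, $2 = device
    ping -c 1 -W 2 -I "$2" "$1" >/dev/null 2>&1
}

# Print the ip commands for the providers that pass the check named in $1.
# Prints nothing and returns 1 when no provider passes, so the existing
# route is left in place rather than deleted.
route_commands() {
    check=$1
    hops=''
    while read -r gw dev weight; do
        [ -n "$gw" ] || continue
        if "$check" "$gw" "$dev" </dev/null; then
            hops="$hops nexthop via $gw dev $dev weight $weight"
        fi
    done <<EOF
$PROVIDERS
EOF
    if [ -z "$hops" ]; then
        echo "no provider reachable, routing left unchanged" >&2
        return 1
    fi
    echo "ip rule delete prio $PRIO table $TABLE"
    echo "ip rule add prio $PRIO table $TABLE"
    # "replace" rather than "add" so a re-run overwrites the old default
    echo "ip route replace default table $TABLE proto static$hops"
    echo "ip route flush cache"
}

# Dry run: print the commands without touching the routing tables.
if [ "${1:-}" = "--print" ]; then
    route_commands gateway_up
fi
```

Run with --print to review the generated commands before applying them as root. A gateway that answers ping can still have a dead upstream link, so the check is only as good as the target it probes.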


_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users