Mike Lander wrote: > > : /etc/shorewall/masq > : eth0 10.194.79.181 66.224.62.120 > : eth1 66.224.62.120 10.194.79.181 > : eth0 eth1 66.224.62.120 > : eth1 eth0 10.194.79.181
The last two entries appear to me to be totally silly. Please stop and think a minute about what those entries are asking the firewall to do. The first one says that "any traffic from a host with a route out of eth1 that is being forwarded out of eth0 should have its source address rewritten to 66.224.62.120". Why would any traffic be taking that path at all? The second rule is similar... Am I missing something? -Tom Well in the mulit-Isp setup this is the convention to take with two isp two nics FQip That is why I am confused on how to masq from loc to the net with one nic FQip 66.224.62.120 and the other fowarding to the gw 10.194.79.254 on the internal lan. My thought about the lan is not to masq at all, any ideas? But you answer sure make me think about it more clear. Thanks Mike ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
