----- Original Message -----
From: "Mike Lander" <[EMAIL PROTECTED]>
To: "Shorewall Users" <[email protected]>
Sent: Thursday, August 30, 2007 1:09 PM
Subject: Re: [Shorewall-users] Multi-Isp Masqerade ?
: Mike Lander wrote:
:
: >
: > : /etc/shorewall/masq
: > : eth0 10.194.79.181 66.224.62.120
: > : eth1 66.224.62.120 10.194.79.181
: > : eth0 eth1 66.224.62.120
: > : eth1 eth0 10.194.79.181
:
: The last two entries appear to me to be totally silly.
:
: Please stop and think a minute about what those entries are asking the
: firewall to do. The first one says that "any traffic from a host with a
: route out of eth1 that is being forwarded out of eth0 should have its
source
: address rewritten to 66.224.62.120". Why would any traffic be taking that
: path at all? The second rule is similar...
:
: Am I missing something?
:
: -Tom
:
: Well in the mulit-Isp setup this is the convention
: to take with two isp two nics FQip
: That is why I am confused on how to masq
: from loc to the net with one nic FQip 66.224.62.120
: and the other fowarding to the gw 10.194.79.254
: on the internal lan. My thought about the lan
: is not to masq at all, any ideas?
: But you answer sure make me think about
: it more clear.
:
: Thanks
: Mike
:
:
Tom
This is what I think it should be
eth0 eth1 66.224.62.120
eth1 eth1 10.194.79.181
Mike
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
