Ok, well the thing about the top 2 lines was inaccurate. It does work regardless of those.
However, it still matters not what I put in there. If I take those out and leave 1:P 0.0.0.0/0 1 $FW In tcrules it changes nothing, breaks nothing. still routes everything over isp 2 Shorewall Guy wrote: > Mark Rutherford wrote: > >> I am trying to force (all) traffic over one isp. >> I have the following in tcrules: >> >> 1 eth0 70.61.215.87/29 >> 2 eth1 216.176.235.184/29 >> 1:P 0.0.0.0/0 >> 1 $FW >> >> I want everything unless otherwise directed from eth2 out over eth0 >> If I don't have the first 2 lines there port forwarding does not work. >> > > Then you are doing something wrong. > > >> Have I got this all wrong? >> >> > > Yes -- in the tcrules file *last match determines the mark value* > > > ------------------------------------------------------------------------------ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
