I am at a loss as to what I need to change. I tried inverting the priority numbers in route_rules and changing the order of the entries in the file and it seems to have no effect.
Shorewall Guy wrote: > Mark Rutherford wrote: > >> Ok, I hope this is it... >> I did the reset as requested and we tried the connection. >> A machine on the local network is trying to connect to 208.60.147.148 >> from 10.1.1.67 on port 22 (tcp) >> The machine on the other end is expecting us to connect from 70.61.215.98 >> Basically, I think the remote system just ignores us because we are >> firewalled out. >> The sftp client just simply fails to connect. >> If I drop the other network and we only have the one provider going we >> connect just fine, but then we are not firewalled out of the remote system. >> >> I have asked the operator of that system to allow our /29s and they >> scoffed... so I have to figure this out. >> > > There is no mystery: > > Routing Rules > > 0: from all lookup 255 > 1000: from all iif eth1 lookup Twc > 1001: from all iif eth2 lookup Nuvox <============= > 10001: from all fwmark 0x1 lookup Nuvox > 10002: from all fwmark 0x2 lookup Twc > > 10.1.1.67 connects through eth2. So the above flagged rule sends the > connection through Nuvox: > > Table Nuvox: > > 216.176.235.185 dev eth1 scope link src 216.176.235.186 > 216.176.235.184/29 dev eth1 proto kernel scope link src 216.176.235.186 > 10.1.1.0/24 dev eth2 proto kernel scope link src 10.1.1.2 > default via 216.176.235.185 dev eth1 <============ > > It goes out through eth1 with a 216.176.... source IP. > > So it is working exactly as you have configured it. > > ------------------------------------------------------------------------------ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
