Mark Rutherford wrote:
> I am seeing something here that may explain my troubles.
> When you said that it was duplicated and I saw that it was in the
> dump... it was not in the file.
> I was changing it from one to the other but the entries in the file were
> never there at the same time with the same priority.
> I don't know if this is getting cleared or not.
Hell -- I should have noticed that you are using Shorewall 3.2. That old
version works very badly when you are changing your configuration on the
fly.
>From the Shorewall 3.x Multi-ISP Documentation:
Warning
If you are running a Shorewall version prior to 3.4.0, entries
in /etc/shorewall/providers permanently alter your
firewall/gateway's routing; that is, the effect of these changes
is not reversed by shorewall stop or shorewall clear. To restore
routing to its original state, you may have to restart your
network. This can usually be done by /etc/init.d/network restart
or /etc/init.d/networking restart. Check your distribution's
networking documentation.
>
> I rebooted the system and left it with the values as suggested and it
> seems to be working fine now....
> Traffic is going out over Twc and port forwarding to the inside is
> working over both isps so I am at a loss.
> Should the system be rebooted whenever working with these rules?
See above.
You really should consider upgrading to Shorewall 4 and switching to
Shorewall-perl. See the Shorewall Download page for a source of Debian
Etch packages.
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
