Brian J. Murrell wrote: > I think we discussed this in the past and I floated a hack at the time, > but I don't recall any real resolution. I want to see if time has > solved my problem or if it still exists. > > My scenario is that I have two ISPs, one of which uses DHCP. Because I > have two ISPs, history has shown that allowing the provisioning script > for the interface to plumb a default route is troublesome and it's > better left to shorewall to handle. > > The problem with this is that because the DHCP provided interface is > dynamic, I should use "detect" in the gateway column of the providers > file. However, gateway detect, for DHCP interfaces relies on the > interface provisioning script plumbing the default interface, which as > I've mentioned, causes more problems than it solves, with shorewall and > multi-isp. > > The hack I had proposed at the time was to allow the specification of a > scriptlet in the gateway column of the providers file to alternately > tell shorewall how to get the default interface. > > Any suggestions? I'd even happy to put the scriplet somewhere else > (i.e. in params), setting a variable and having the variable > de-referenced in the providers file if that's possible but it doesn't > seem so. > > Would a patch to expanding the methods used to "detect" a gateway be > welcomed?
Check out the detect_dynamic_gateway() function in the 4.2.9 version of /usr/share/shorewall-perl/prog. If your DHCP client is placing its lease file in either of the places that the function is looking then your are all set. If not, then you'll neeed to modify the file slightly. In 4.4, there is also a findgw user exit (extension script) that gets called at the top of that routine. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
