Keith Mitchell wrote: > Wow. Just wow. Started using the new Shorewall Multi-ISP features and > USE_DEFAULT_RT=Yes. Was totally confused when running "ip route" and seeing > there was no default route any more! > > Reading the instructions though, "ip rule ls" and "shorewall show routing" > both were clear that my routes were still there (and everything worked)! > > Question: I have an override in my tcrules for traffic with a certain > destination to ride through a specific "provider". I see this reflected > clearly in "ip rule ls" and to some extent in "shorewall show routing", but > do I need to setup a specific hard route in the ...main?... Table for that > traffic to be directed via a specific interface? > > I.e. Tcrules as below: > > #MARK SOURCE DEST PROTO DEST SOURCE USER TEST > # PORT(S) PORT(S) > 256:P 192.168.1.0/24 10.254.0.4/24 all - - > 256:P 192.168.1.0/24 10.254.0.5/24 all - - > # > 512:P 0.0.0.0/0 > 512 $FW > > I see the route exceptions in "ip rule ls", but no static route reflection > in "ip route" or "shorewall show routing". > > Is this the correct behavior?
Yes. a) "shorewall show mangle" will show how the packets get marked. b) "ip rule ls" (or "shorewall show routing") shows how marked packets are sent to a particular table. c) The default route in the specified provider table is all that is needed. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
