Hi guys, i think the last dump was taken when tun1 was down, please find attached dump with tun1 present. Thanks in advance and I appreciate any pointers. Chris
From: [email protected] To: [email protected] Date: Sun, 15 May 2011 02:36:22 +0000 Subject: Re: [Shorewall-users] Multi-ISP over tun not working Hi chaps and thanks for the replies. Actually it will be more than one host and what gets routed through tun1 is dependent on mac-address (or at least in my original script) and also source IP address, and i will need to masquerade on this 'tun1' connection. My current openvpn up script is below: # add iptables rules iptables -A FORWARD -o tun1 -j ACCEPT iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE ip rule add fwmark 1 table 1 ip route add default dev tun1 table 1 iptables -t mangle -A PREROUTING -s 192.168.69.247 -j MARK --set-mark 1 iptables -t mangle -A PREROUTING -m mac --mac-source 00:40:4C:24:84:1C -j MARK --set-mark 1 I would like to integrate this all into Shorewall script system as close as possible. Tom I have sent you the dump with tun1, not sure why it wasn't in the original. Many thanks, Chris From: [email protected] Date: Sat, 14 May 2011 15:05:49 -0700 To: [email protected] CC: [email protected] Subject: Re: [Shorewall-users] Multi-ISP over tun not working On May 14, 2011, at 2:56 PM, [email protected] wrote: Hi Mike, I have done that with my original openvpn config, in the upscript it adds forwarding rules dependent on MAC address and source IP. I didn't know if these raw iptables rules would work with the iptables rules shorewall generates. It sounds like an option and if you have further suggestions would be much appreciated. Depends on what your rules are doing. I do also like to learn and also interested if the original plan of using multi isp is possible or not. Well, if you only want one host to use the alternate provider, I would not specify either 'track' or 'balance' for it. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
status.txt.gz
Description: application/gzip-compressed
------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
