On 8/28/2013 4:43 PM, Tom Eastep wrote: > On 8/28/2013 3:44 PM, Thomas Harold wrote: > >> >> So a little background here: >> >> - We're running a multi-ISP configuration, a cable modem (wancbl) and a >> T1 line (want1). Cable modem is the primary, T1 is the fallback. >> >> - Internal connection to the LAN is a bonded pair (bond0) of ethernet >> devices in active-fallback mode. >> >> - NAT/MASQ outbound through the cable modem works, but doesn't fallback >> to the T1; so it's almost, but not quite, setup. >> >> There's possibly other errors in the setup, but at the moment I'm more >> interested in /etc/shorewall/stoppedrules. I've tried different ACCEPT >> rules such as specifying the local IP address range, using "loc" in the >> SOURCE/DEST column and using "bond0". >> > > Shorewall 4.5.4 Dump at fw2-sec - Wed Aug 28 18:31:52 EDT 2013 > ----- > > Support for /etc/shorewall/stoppedrules wasn't added until Shorewall > 4.5.8. In 4.5.8, you must use /etc/shorewall/routestopped. >
In 4.5.4, you must use /etc/shorewall/routestopped. ----- -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users