Hi all,
I'm new to this list so "hi! and thanks for any support you can give me :)".

I'm experiencing a problem with packet mangling (I think). In my
configuration there are 2 providers, balanced in this way:

prov1  1    1    -        eth0        x.x.x.x    track,balance    -
prov2   2    2    -        eth2        y.y.y.y    track,balance    -

All is working; the packets are put out of the interfaces in a
round-robin-like method.

But now my customer wants an FTP service behind the firewall to be exposed
only through prov1, so I decided to act in this way:

rules file:
DNAT    net    loc:x.x.x.211    tcp    20    -    ip_pub_on_provider_1
DNAT    net    loc:x.x.211    tcp    21    -    ip_pub_on_provider_1

mangle file:
MARK(1):P          x.x.x.211/32 0.0.0.0/0      all


But the connections are not always going out with eth0; sometimes they go
out with eth2.

Can you help me with this problem? I suppose it is a mangle problem.

Regards,
roby
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
