On 8/18/2015 11:58 AM, PGNet Dev wrote: > I'm modifying a shorewall6-lite instance to MultiISP support. > > My initial config -- migrated from a working IPv4 multiISP setup -- is > > /providers > ... > native6 1 0x100 main EXT_IF detect track,balance > 10 he6 2 0x200 main HE6_IF detect track,fallback > > /interfaces > net EXT_IF > physical=eth0,forward=1,tcpflags,nosmurfs,accept_ra=1,sourceroute=0 > he6 HE6_IF > optional,physical=he-ipv6,forward=1,tcpflags,nosmurfs,accept_ra=1,sourceroute=0 > loc lo > > /zones > fw firewall > net ipv6 > he6 ipv6 > loc loopback > > but at compile, > > ... > Adding Anti-smurf Rules > Compiling TCP Flags filtering... > Compiling Accept Source Routing... > Compiling Accept Routing Advertisements... > Compiling /etc/shorewall/IPv6/providers... > ERROR: Invalid Mark or Mask value (0x100) > /etc/shorewall/IPv6/providers (line 10) > > What's invalid about the Mark value here? reading the man page for > shorewall6-providers, not clear to my read that it shouldn't work.
It depends on how you have broken down the mark for various uses -- see http://www.shorewall.org/PacketMarking.html#Values. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
