On 11/25/2017 10:50 AM, Brian J. Murrell wrote: > On Sat, 2017-11-25 at 10:07 -0800, Tom Eastep wrote: >> >> Then why not make one the primary and the other the fallback? >> > > So that does seem to resolve the reloading problem and having to flush > that table before reloading. So that's great. Thanks! > > But it's not really doing/enforcing primary/fallback though is it, > given that hosts behind Shorewall choose their own source address, > correct? >
That is correct. I do a similar thing here; by using source-address routing rules, my DMZ uses one interface and the local LAN uses the other. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users