On 6/1/20 9:24 PM, PGNet Dev wrote: > On 6/1/20 4:51 PM, Tom Eastep wrote: >>> @ local > >> You are missing a default route: via fd10:254:254::1 dev wg0 > >>> @ remote > >> That route is incorrect -- it should be via fd10:254:254::1 dev wg0. > > Thanks! Obviously non-obvious to me :-/ > > Such routes can be set/handled by > > system networking (systemd-networkd stack, in my case) > wireguard scripts > shorewall itself > > > is there any rationale for choosing one over the other? > > if shorewall's a realistic option, where best to set the routes? >
For route (such as these) in the main routing table, I prefer the system networking config files. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users