Show equivalent mangle rules in the Multi-ISP article

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-22 07:33:43 +01:00 · 2014-02-27 15:58:51 -08:00 · 2014-02-27 15:58:51 -08:00 · 1bac919ea6
commit 1bac919ea6
parent 238aa68b28
1 changed files with 10 additions and 1 deletions
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@ -148,7 +148,8 @@
      two ISPs. Entries in <filename>/etc/shorewall/mangle</filename> and
      <filename>/etc/shorewall/rtrules</filename> can be used to direct
      particular outgoing connections to one ISP or the other. Use of
-      <filename>/etc/shorewall/tcrules</filename> is not required for
+      <filename>/etc/shorewall/mangle</filename> (or
+      <filename>/etc/shorewall/tcrules</filename>) is not required for
      <filename>/etc/shorewall/providers</filename> to work, but in most
      cases, you must select a unique MARK value for each provider so
      Shorewall can set up the correct marking rules for you.</para>
@ -2518,6 +2519,14 @@ MARK(2)               $FW             0.0.0.0/0       tcp     119</programlistin
        </listitem>
      </itemizedlist>

+      <para>The same rules converted to use the mangle file are:</para>
+
+      <programlisting>#ACTION         SOURCE          DEST            PROTO   PORT(S)         CLIENT  USER    TEST    LENGTH  TOS     CONNBYTES       HELPER
+#                                                                       PORT(S) 
+MARK(2)         $FW             0.0.0.0/0       tcp     21
+MARK(2)         $FW             0.0.0.0/0       tcp     -               -       -       -       -       -       -               ftp
+MARK(2)         $FW             0.0.0.0/0       tcp     119</programlisting>
+
      <para>The remaining files are for a rather standard two-interface config
      with a bridge as the local interface.</para>