extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 08:44:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Include tcrules entries for directing connections to a specific provider

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-03-18 07:29:02 -07:00
parent 4bd8d9791c
commit 57637506ba
1 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/MultiISP.xml
View File

@ -847,11 +847,9 @@ eth1 0.0.0.0/0 130.252.99.27</programlisting>
<para>This continues the example in the preceding section.</para>
<para>Now suppose that you want to route all outgoing SMTP traffic from
your local network through ISP 2. You would make this entry in <ulink
url="traffic_shaping.htm">/etc/shorewall/mangle</ulink> (and if you are
running a version of Shorewall earlier than 3.0.0, you would set
TC_ENABLED=Yes in <ulink
url="???">/etc/shorewall/shorewall.conf</ulink>).</para>
your local network through ISP 2. If you are running Shorewall 4.6.0 or
later, you would make this entry in <ulink
url="traffic_shaping.htm">/etc/shorewall/mangle</ulink>.</para>
<programlisting>#ACTION SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S)
@ -863,6 +861,21 @@ MARK(2):P &lt;local network&gt; 0.0.0.0/0 tcp 25</programlisting
<programlisting>#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S)
MARK(2) $FW 0.0.0.0/0 tcp 25</programlisting>
<para>If you are running a Shorewall version earlier than 4.6.0, the
above rules in <ulink
url="manpages/shorewall-tcrules.html">/etc/shorewall/tcrules</ulink>
would be:</para>
<programlisting>#ACTION SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S)
2:P &lt;local network&gt; 0.0.0.0/0 tcp 25</programlisting>
<para>And for traffic from the firewall:</para>
<programlisting>#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S)
2 $FW 0.0.0.0/0 tcp 25</programlisting>
</section>
<section id="PortForwarding">