mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-25 15:48:56 +01:00
Look in routing table for gw IP if not P-T-P interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2162 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
0a4ee8284d
commit
57997027d8
@ -1,3 +1,11 @@
|
||||
Changes in 2.4.0-RC2
|
||||
|
||||
1) Relax "detect" restriction.
|
||||
|
||||
Changes in 2.4.0-RC1
|
||||
|
||||
1) Fix output from firewall itself vis-a-vis multiple providers.
|
||||
|
||||
Changes in 2.3.2
|
||||
|
||||
1) Add support for -j ROUTE
|
||||
|
@ -1094,7 +1094,22 @@ setup_providers()
|
||||
fi
|
||||
|
||||
if [ "x$gateway" = xdetect ] ; then
|
||||
#
|
||||
# First assume that this is some sort of point-to-point interface
|
||||
#
|
||||
gateway=$( find_peer $(ip addr ls $interface ) )
|
||||
#
|
||||
# Maybe there's a default route through this gateway already
|
||||
#
|
||||
[ -n "$gateway" ] || gateway=$(find_gateway $(ip route ls dev $interface))
|
||||
#
|
||||
# Last hope -- is there a load-balancing route through the interface?
|
||||
#
|
||||
[ -n "$gateway" ] || gateway=$(find_nexthop $interface)
|
||||
#
|
||||
# Be sure we found one
|
||||
#
|
||||
[ -n "$gateway" ] || fatal_error "Unable to detect the gateway through interface $interface"
|
||||
fi
|
||||
|
||||
ensure_and_save_command ip route add default via $gateway dev $interface table $number
|
||||
@ -1150,7 +1165,7 @@ setup_providers()
|
||||
|
||||
if [ -n "$PROVIDERS" ]; then
|
||||
if [ -n "$DEFAULT_ROUTE" ]; then
|
||||
run_ip route replace default scope global $DEFAULT_ROUTE
|
||||
run_ip route replace default scope global metric 1 $DEFAULT_ROUTE"
|
||||
progress_message " Default route $DEFAULT_ROUTE Added."
|
||||
fi
|
||||
|
||||
|
@ -823,6 +823,14 @@ find_rt_interface() {
|
||||
done
|
||||
}
|
||||
|
||||
#
|
||||
# Try to find the gateway through an interface looking for 'nexthop'
|
||||
|
||||
find_nexthop() # $1 = interface
|
||||
{
|
||||
echo $(find_gateway `ip route ls | grep -E "[[:space:]]*nexthop.* $1"`)
|
||||
}
|
||||
|
||||
#
|
||||
# Find the default route's interface
|
||||
#
|
||||
|
@ -32,9 +32,8 @@
|
||||
#
|
||||
# GATEWAY The IP address of the provider's gateway router.
|
||||
#
|
||||
# Users with point-to-point dynamic connections such
|
||||
# as PPPoE, PPPoA and PPTP can enter "detect" here and
|
||||
# Shorewall will automatically detect the gateway.
|
||||
# You can enter "detect" here and Shorewall will
|
||||
# attempt to detect the gateway automatically.
|
||||
#
|
||||
# OPTIONS A comma-separated list selected from the following:
|
||||
#
|
||||
|
@ -1,20 +1,10 @@
|
||||
Shorewall 2.4.0-RC1
|
||||
Shorewall 2.4.0-RC2
|
||||
|
||||
-----------------------------------------------------------------------
|
||||
Problems Corrected since 2.3.2
|
||||
Problems Corrected since 2.4.0-RC1
|
||||
|
||||
1) The /etc/shorewall/providers file is now installed correctly.
|
||||
|
||||
2) "shorewall restart" now works correctly when multiple providers
|
||||
with load-balancing were specified when Shorewall was originally
|
||||
started.
|
||||
|
||||
3) Routes created by entries in /etc/shorewall/proxyarp are now
|
||||
copied to new routing tables created by entries in
|
||||
/etc/shorewall/providers.
|
||||
|
||||
4) Where multiple internet providers were configured, traffic from the
|
||||
firewall itself was mishandled.
|
||||
1) The value 'detect' in the GATEWAY column of the providers file
|
||||
is no longer restricted to P-T-P interfaces.
|
||||
|
||||
-----------------------------------------------------------------------
|
||||
Upgrade Issues when moving to 2.4.0
|
||||
@ -52,6 +42,9 @@ New Features in version 2.4.0
|
||||
/etc/shorewall/interfaces.
|
||||
|
||||
GATEWAY The IP address of the provider's gateway router.
|
||||
If you enter "detect" here then Shorewall will
|
||||
attempt to determine the gateway IP address
|
||||
automatically.
|
||||
|
||||
OPTIONS A comma-separated list selected from the
|
||||
following:
|
||||
|
Loading…
Reference in New Issue
Block a user