diff --git a/Shorewall-docs2/Shorewall_and_Routing.xml b/Shorewall-docs2/Shorewall_and_Routing.xml index 9b43ce697..5a3b645cd 100644 --- a/Shorewall-docs2/Shorewall_and_Routing.xml +++ b/Shorewall-docs2/Shorewall_and_Routing.xml @@ -179,4 +179,28 @@ role="bold">other than as described in the previous section, there is no connection between Shorewall and routing. - \ No newline at end of file + +
+ Routing and Proxy ARP + + There is one instance where Shorewall creates routing table entries. + When an entry in /etc/shorewall/proxyarp contains + "No" in the HAVEROUTE column then Shorewall will create a host route to + the IP address listed in the ADDRESS column through the interface named in + the INTERFACE column. This is the only case where + Shorewall directly manipulates the routing table. + + Example: + + /etc/shorewall/proxyarp: + + #ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT +206.124.146.177 eth1 eth0 No +#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE + + The above entry will cause Shorewall to execute the following + command: + + ip route add 206.124.146.177 dev eth1 +
+