extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-23 16:13:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clarify masq file vs multi-ISP

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3010 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-11-16 22:00:15 +00:00
parent 76929fb432
commit a16927dee2
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Shorewall-docs2/Shorewall_and_Routing.xml
View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2005-09-25</pubdate> <pubdate>2005-11-16</pubdate>
<copyright> <copyright>
<year>2005</year> <year>2005</year>
@ -244,11 +244,11 @@
<para>Entries in <filename>/etc/shorewall/providers</filename> can <para>Entries in <filename>/etc/shorewall/providers</filename> can
specify that outgoing connections are to be load-balanced between the specify that outgoing connections are to be load-balanced between the
two ISPs. Entries in <filename>/etc/shorewall/tcrules</filename> can be two ISPs. Entries in <filename>/etc/shorewall/tcrules</filename> can be
used to direct particular outgoing connections to one ISP or the used to direct particular outgoing connections to one ISP or the other.
other. Use of <filename>/etc/shorewall/tcrules</filename> is not Use of <filename>/etc/shorewall/tcrules</filename> is not required for
required for <filename>/etc/shorewall/providers</filename> to work, but <filename>/etc/shorewall/providers</filename> to work, but you must
you must select a unique MARK value for each provider so Shorewall can select a unique MARK value for each provider so Shorewall can set up the
set up the correct marking rules for you.</para> correct marking rules for you.</para>
<para>When using <filename>/etc/shorewall/providers</filename>, <para>When using <filename>/etc/shorewall/providers</filename>,
connections from the internet are automatically routed back out of the connections from the internet are automatically routed back out of the
@ -563,6 +563,13 @@ net net DROP</programlisting>
eth0 eth2 206.124.146.176 eth0 eth2 206.124.146.176
eth1 eth2 130.252.99.27</programlisting> eth1 eth2 130.252.99.27</programlisting>
<warning>
<para>Entries in <filename>/etc/shorewall/masq</filename> have no
effect on which ISP a particular connection will be sent through. That
is rather the purpuse of entries in
<filename>/etc/shorewall/tcrules</filename>.</para>
</warning>
<para>Now suppose that you want to route all outgoing SMTP traffic from <para>Now suppose that you want to route all outgoing SMTP traffic from
your local network through ISP 2. You would make this entry in <ulink your local network through ISP 2. You would make this entry in <ulink
url="traffic_shaping.htm">/etc/shorewall/tcrules</ulink> (and you would url="traffic_shaping.htm">/etc/shorewall/tcrules</ulink> (and you would
@ -574,4 +581,4 @@ eth1 eth2 130.252.99.27</programlisting>
2:P &lt;local network&gt; 0.0.0.0/0 tcp 25</programlisting> 2:P &lt;local network&gt; 0.0.0.0/0 tcp 25</programlisting>
</section> </section>
</section> </section>
</article> </article>